Cloud Native Application Protection Platforms by Russ Miles

Author:Russ Miles
Language: eng
Format: epub
Publisher: O'Reilly Media
Published: 2024-09-19T00:00:00+00:00

Inadequate identity and access management

Do you know who, or what, did what? In a complex cloud native system, there is often a veritable smorgasbord6 of different accounts attributable to everything from humans to programmatic agents. Adequate cloud native identity and access management keeps abreast of all those potentially stale accounts, overly permissive identities, and dangerously shared identities, keeping tabs on them all with fast-adapting identity and access management tooling protocols.

Dependency chain abuse

Are you sure you’re getting the dependency you were expecting? With the vast numbers of direct and transitive dependencies composed into your average cloud native application, abuse is very possible. It can be trivial, from simple but malicious dependencies with names that are very similar names to their legitimate cousins (dependency confusion), through typosquatting (one character wrong and boom, you have an enemy inside the gates), to the truly nefarious approach of hijacking a public dependency artifact in a public repository and replacing it with something that tastes and looks the same, but will likely be poison at runtime.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.