Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Cloud Auditing Best Practices
  • Table Of Contents Toc
  • Feedback & Rating feedback
Cloud Auditing Best Practices

Cloud Auditing Best Practices

By : Shinesa Cambric, Michael Ratemo
4.7 (20)
close
close
Cloud Auditing Best Practices

Cloud Auditing Best Practices

4.7 (20)
By: Shinesa Cambric, Michael Ratemo

Overview of this book

As more and more companies are moving to cloud and multi-cloud environments, being able to assess the compliance of these environments properly is becoming more important. But in this fast-moving domain, getting the most up-to-date information is a challenge—so where do you turn? Cloud Auditing Best Practices has all the information you’ll need. With an explanation of the fundamental concepts and hands-on walk-throughs of the three big cloud players, this book will get you up to speed with cloud auditing before you know it. After a quick introduction to cloud architecture and an understanding of the importance of performing cloud control assessments, you’ll quickly get to grips with navigating AWS, Azure, and GCP cloud environments. As you explore the vital role an IT auditor plays in any company’s network, you'll learn how to successfully build cloud IT auditing programs, including using standard tools such as Terraform, Azure Automation, AWS Policy Sentry, and many more. You’ll also get plenty of tips and tricks for preparing an effective and advanced audit and understanding how to monitor and assess cloud environments using standard tools. By the end of this book, you will be able to confidently apply and assess security controls for AWS, Azure, and GCP, allowing you to independently and effectively confirm compliance in the cloud.
Table of Contents (16 chapters)
close
close
1
Part 1:
The Basics of Cloud Architecture and Navigating – Understanding Enterprise Cloud Auditing Essentials
4
Part 2:Cloud Security and IT Controls
8
Part 3:Executing an Effective Enterprise Cloud Audit Plan

Tips, tricks, and techniques

Cloud environments are complex and have low visibility. In a traditional data center, there was a finite number of assets that IT auditors could examine and report on. However, in a cloud environment, there can be exponential growth in the number of assets, which may include virtual machines (VMs), virtual networks, containers, serverless functions, and so on. It can be very challenging to inventory what is running in an organization’s cloud.

Asset inventory plays such a foundational role in a cyber security program, that CIS Critical Security Controls and the NIST Cybersecurity Framework list the need to inventory and control infrastructure assets as their first security controls.

The first thing the IT auditor needs to do is to understand the cloud asset inventory to be able to perform an effective audit. The IT auditor needs to understand what applications are running within the cloud and whether they are approved by the organization, or...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Edit Note

Modal Close icon
Write a note (max 255 characters)
Cancel
Update Note

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY