Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Cloud Auditing Best Practices
  • Table Of Contents Toc
  • Feedback & Rating feedback
Cloud Auditing Best Practices

Cloud Auditing Best Practices

By : Shinesa Cambric, Michael Ratemo
4.7 (20)
Buy this Book
close
close
Cloud Auditing Best Practices

Cloud Auditing Best Practices

4.7 (20)
By: Shinesa Cambric, Michael Ratemo
Buy this Book

Overview of this book

As more and more companies are moving to cloud and multi-cloud environments, being able to assess the compliance of these environments properly is becoming more important. But in this fast-moving domain, getting the most up-to-date information is a challenge—so where do you turn? Cloud Auditing Best Practices has all the information you’ll need. With an explanation of the fundamental concepts and hands-on walk-throughs of the three big cloud players, this book will get you up to speed with cloud auditing before you know it. After a quick introduction to cloud architecture and an understanding of the importance of performing cloud control assessments, you’ll quickly get to grips with navigating AWS, Azure, and GCP cloud environments. As you explore the vital role an IT auditor plays in any company’s network, you'll learn how to successfully build cloud IT auditing programs, including using standard tools such as Terraform, Azure Automation, AWS Policy Sentry, and many more. You’ll also get plenty of tips and tricks for preparing an effective and advanced audit and understanding how to monitor and assess cloud environments using standard tools. By the end of this book, you will be able to confidently apply and assess security controls for AWS, Azure, and GCP, allowing you to independently and effectively confirm compliance in the cloud.
Table of Contents (16 chapters)
close
close
close
Preface
chevron up
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Download the color images
Icon
Conventions used
Icon
Get in touch
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book
1
Part 1:
The Basics of Cloud Architecture and Navigating – Understanding Enterprise Cloud Auditing Essentials
Icon
Part 1:
The Basics of Cloud Architecture and Navigating – Understanding Enterprise Cloud Auditing Essentials
Free Chapter
2
Chapter 1: Cloud Architecture and Navigation
Icon
Chapter 1: Cloud Architecture and Navigation
Icon
Understanding cloud auditing
Icon
Cloud architecture and service models
Icon
Navigating cloud provider environments
Icon
Summary
3
Chapter 2: Effective Techniques for Preparing to Audit Cloud Environments
Icon
Chapter 2: Effective Techniques for Preparing to Audit Cloud Environments
Icon
Preparing to perform a cloud assessment
Icon
Effective techniques for aligning IT controls to cloud environments
Icon
Basic cloud auditing tools and frameworks
Icon
Leveraging policy and compliance automation
Icon
Summary
4
Part 2:Cloud Security and IT Controls
Icon
Part 2:Cloud Security and IT Controls
5
Chapter 3: Identity and Access Management Controls
Icon
Chapter 3: Identity and Access Management Controls
Icon
User authentication and authorization
Icon
Permissions, roles, and groups
Icon
Device management
Icon
Reviewing activity logs
Icon
Summary
6
Chapter 4: Network, Infrastructure, and Security Controls
Icon
Chapter 4: Network, Infrastructure, and Security Controls
Icon
Security control centers
Icon
Network controls
Icon
Security policies
Icon
Data security
Icon
Summary
7
Chapter 5: Financial Resource and Change Management Controls
Icon
Chapter 5: Financial Resource and Change Management Controls
Icon
Example resource management controls
Icon
Policies for resource management
Icon
Performing changes
Icon
Change management integration and workflows
Icon
Change history
Icon
Financial billing and cost controls
Icon
Financial resource ownership
Icon
Summary
8
Part 3:Executing an Effective Enterprise Cloud Audit Plan
Icon
Part 3:Executing an Effective Enterprise Cloud Audit Plan
9
Chapter 6: Tips and Techniques for Advanced Auditing
Icon
Chapter 6: Tips and Techniques for Advanced Auditing
Icon
Common pitfalls
Icon
Tips, tricks, and techniques
Icon
Preparing for more advanced auditing
Icon
Other clouds
Icon
Summary
10
Chapter 7: Tools for Monitoring and Assessing
Icon
Chapter 7: Tools for Monitoring and Assessing
Icon
Basic cloud auditing tools within AWS
Icon
Azure
Icon
GCP
Icon
Summary
11
Chapter 8: Walk-Through – Assessing IAM Controls
Icon
Chapter 8: Walk-Through – Assessing IAM Controls
Icon
Preparing to assess cloud IAM controls
Icon
Assessing authentication and authorization
Icon
Assessing access assignment controls
Icon
Assessing privileged access controls
Icon
Assessing device controls
Icon
Summary
12
Chapter 9: Walk-Through – Assessing Policy Settings and Resource Controls
Icon
Chapter 9: Walk-Through – Assessing Policy Settings and Resource Controls
Icon
Preparing to assess network, infrastructure, and resource controls
Icon
Assessing network and firewall settings
Icon
Assessing resource management policies
Icon
Assessing data security policies
Icon
Summary
13
Chapter 10: Walk-Through – Assessing Change Management, Logging, and Monitoring Policies
Icon
Chapter 10: Walk-Through – Assessing Change Management, Logging, and Monitoring Policies
Icon
Preparing to assess change management controls
Icon
Assessing audit and logging configurations
Icon
Assessing change management and configuration policies
Icon
Assessing monitoring and alerting policies
Icon
Summary
14
Index
Icon
Index
Icon
Why subscribe?
15
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book

What this book covers

Chapter 1, Cloud Architecture and Navigation, provides a fundamental understanding of what a cloud environment is, navigating through different cloud provider environments, and roles and responsibilities between the cloud service provider and an auditor.

Chapter 2, Effective Techniques for Preparing to Audit Cloud Environments, covers the standard resources available to develop an audit plan, and align controls to a cloud environment, and the tools for policy and compliance automation.

Chapter 3, Identity and Access Management Controls, walks through configuration and control options for a digital identity, including authentication and authorization and reviewing activity logs.

Chapter 4, Network, Infrastructure, and Security Controls, looks at policies and options for defining and controlling network and infrastructure access and navigating security control centers.

Chapter 5, Financial Resource and Change Management Controls, introduces features available within each of the cloud environments for resource management, including billing and cost controls, and tracking changes within the cloud environment.

Chapter 6, Tips and Techniques for Advanced Auditing, provides guidance on common pitfalls an IT auditor should look out for, tips and techniques to leverage, and ideas for preparing for more advanced audits, including a primer on other cloud environments such as Alibaba, IBM, and Oracle.

Chapter 7, Tools for Monitoring and Assessing, gives a deeper insight on tools and options that exist for auditors to monitor cloud platforms, within each of the three major cloud providers.

Chapter 8, Walk-Through – Assessing IAM Controls, covers simple assessments for hands-on experience assessing identity and access management controls within the three major cloud providers.

Chapter 9, Walk-Through – Assessing Policy Settings and Resource Controls, provides practice opportunities for assessing security and compliance settings, and reviewing resource management controls.

Chapter 10, Walk-Through – Assessing Change Management, Logging, and Monitoring Policies, offers an opportunity to practice assessing compliance for changes made within the cloud environment, as well as how to leverage cloud native tools for performing logging and monitoring in the cloud.

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
Next Section

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Edit Note

Modal Close icon
Write a note (max 255 characters)
Cancel
Update Note

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY