دانلود کتاب مهندسی امنیت اعتماد صفر

In 2013, only 40% of the world was connected to the internet, and much of that data travelled in plaintext. Today, almost 70% of the global population is online, and encryption is now a standard practice. However, as our defenses have improved, so have the threats. Advancements in artificial intelligence, particularly generative AI, have reduced the barriers to sophisticated attacks. Emerging technologies such as quantum computing are challenging current protection methods. All in all, they make the traditional perimeter-based security models insufficient. Zero Trust security engineering challenges this outdated approach by adopting a never trust, always verify mindset. In May 2021, the Colonial Pipeline Ransomware Attack led the U.S. President to declare a state of emergency. The attack led to vast fuel shortages across the country. Countless organizations have crippled their security, suffering devastating fines, penalties, and irreparable reputational damage. In 2025 alone, multiple brands were targeted by sophisticated ransomware attacks, causing significant disruptions and impacting their businesses, revenues, and customers. Drawing inspiration from similar real-life instances, this book will provide you with all the knowledge you would need to build secure applications. You can apply these techniques regardless of whether your product is hosted on the cloud or on-premises. It will introduce you to the key concepts and requirements you need to know when building software products. This book explores how to integrate Zero Trust principles into your software development lifecycle, network, and operations, enabling you to build secure, resilient, and scalable. Harnessing the knowledge in this book will position you as a more brilliant, more strategic, safety-driven, and more effective engineer or leader. Chapter 1: Understanding Zero Trust – Security is everyone’s job and primarily focuses on protecting the solution from unauthorized access and damage. This chapter will dive into why security is not a single-team responsibility and why the Zero Trust approach is the right way to approach security. It will also dive into the evolution and history of Zero Trust. Chapter 2: Architecture and Pillars of Zero Trust – This chapter introduces the architecture behind the Zero Trust approach and the core pillars of the Zero Trust approach to build secure solutions in today’s world. The book presents a simple framework that can be applied to any system, organisation, application, or product. This chapter dives into these core architecture principles of Zero Trust and the six core pillars of Zero Trust engineering that will be discussed in detail in the subsequent chapters. Chapter 3: Secure Your Code, Build and Deploy – Whether you are a developer or a leader, code is a fundamental part of the security posture of all systems. So, let us learn to shift left security and integrate it into every stage of the development process, adopting practices when writing code. Chapter 4: Secure Your Identities – Robust identity and access management solutions, moving beyond simple password-based systems to multi-factor authentication and role-based access control. This chapter will cover why this is important and some ways you can embed secure identities in your applications. Chapter 5: Secure Your Network – Traditionally, organisations relied on a perimeter-based network architecture. The Zero Trust approach focuses on de-perimiterisation. This chapter will cover examples of why this approach is essential and ways to implement it. Chapter 6: Secure Your Data – Even with sufficient security across all layers, compromises do happen, and you want to protect your crown jewels (and that is data). This chapter will cover how to adopt comprehensive data security management practices that are simple and easy to adopt. Chapter 7: Manage Vulnerabilities – Establishing a continuous vulnerability management process in your software development and infrastructure landscape is supercritical. This is how you try to keep attackers at bay. Chapter 8: Continuous Monitoring – A feedback loop is an essential part of sound Zero Trust security. With security implemented across all your layers, you would need appropriate monitoring to detect threats and respond to incidents when they happen, and to watch, learn, and improve your protections. Chapter 9: Container Security – Since the launch of Kubernetes, containers have become ubiquitous with modern microservices-based architectures. It is thus vital that we review best practices and apply the same framework to container security. This chapter takes a case study of a real application and provides some practical tips for securing containers. Chapter 10: Security in the Age of Artificial Intelligence – As artificial intelligence becomes embedded in organisations and people increasingly use GenAI tools, it is essential to understand the security implications of these tools and technologies. AI is a double-edged sword as it has reduced the barrier to entry for attackers but also helps improve defenses. This chapter will help you understand the implications of AI and be more aware of this ever-changing landscape. Chapter 11: Dealing with Complexity – As you start applying security to your products and solutions, you will most likely be faced with complexity. This chapter talks about how to use a risk-based approach to strike the right balance between security and other non-functional requirements. It will also touch upon some techniques that can help you make good judgment calls. Chapter 12: Policies, Frameworks and Compliance – Whether working in regulated industries or not, policies, frameworks and compliance are essential to organizational governance, risk management, and legal obligations. This chapter will emphasize the role of compliance in ensuring that organizations meet legal requirements, industry standards, and ethical expectations, preventing costly violations and reputational damage. It outlines various global and industry-specific regulatory requirements that organizations must navigate, including data protection laws (e.g., GDPR), financial regulations (e.g., AML), and environmental standards. The book will cover various examples to emphasize the need to build secure, reliable systems and draw insights from industry best practices and experiences. After reading this book, you will be equipped with a simple and powerful approach, frameworks and best practices that you can apply in building secure and reliable systems.