In this chapter, we discussed how security needs to adapt to a cloud native world. The old processes around applying security are largely obsolete, and a new approach is needed. We discussed the mindset of applying security at every layer and what essential features make up a secure cloud native stack. They are compliant, encrypted with scalable/available encryption resources, utilize DLP technology to automatically prevent exposure of data, employ caching to prevent user data from being written in application memory, and finally have secure credentials and endpoints to enable people to interact with the stack safely.

We introduced a number of cloud security services that exist on CSPs today. These include security groups, NACLs, data loss prevention, identity and access management, log generation and collection, monitoring, configuration management, encryption services and modules, web application firewalls, and automated security assessment tools.

All these services must come together to build a secure cloud native stack. We covered a few novel examples of how these services can be applied in different situations, ranging from IAM management and firewall configuration to mobile security management.

Finally, we introduced some of the third-party tools available in the marketplace that one can use to help close the gap between current security approaches and the more cloud native ones discussed in this chapter.