NSA joint author on OpenStack Security Guidebook

The OpenStack Security Guidebook has been published in ePub format (with PDF and online to follow shortly).


NSA authorship

Companies and organisations involved include Red Hat, HP, Nebula, the NSA, Intel, Nicira, Rackspace, Cloudscaling, Johns Hopkins Applied Physics Laboratory and Floss Manuals.

As OpenStack adoption continues to grow and mature, security has of course become a priority.

This guide has been written to provide an overview of security best practices, guidelines, and recommendations for increasing the security of an OpenStack deployment.

Rite of CloudPassage

“The authors of this book were some of the most talented OpenStack, security, and compliance individuals in the industry,” said Andrew Hay, director of applied security research at CloudPassage, Inc. and (somewhat immodestly) a contributor to the book himself.

“The result was a highly collaborative body of work with experts, from both private and public sector, lending their respective expertise to demystify deploying OpenStack in a safe and secure manner. Now OpenStack administrators will finally have a reference that provides guidance on securing their cloud environments.”

The authors say they bring their expertise from deploying and securing OpenStack in a variety of environments.

“As with the OpenStack Operations Guide, we followed the book sprint methodology. The book sprint process allows for rapid development and production of large bodies of written work,” said the team, in a press statement.

The team converged in Annapolis, Maryland to write the guide due to the close proximately of some key members of the group.

According to the team, “This was a remarkable collaboration between public sector intelligence community members, silicon valley startups and some large, well-known technology companies. The book sprint ran during the last week in June 2013 and the first edition was created in five days.”