// Comparison

Kubernetes Security and Observability vs Pentesting Azure Applications: Which Should You Read?

Two cybersecurity books on Cloud, compared honestly: who each is for, what each does best, and which to read first.

Advanced

3/52021

A Holistic Approach to Securing Containers and Cloud-Native Applications

Brendan Creane, Amit Gupta

Brendan Creane and Amit Gupta's combined treatment of Kubernetes security and observability — RBAC, network policy, runtime detection, and the telemetry needed to make any of it operationally real.

Intermediate

3/52018

Pentesting Azure Applications

The Definitive Guide to Testing and Securing Deployments

Matt Burrough

Matt Burrough on attacker behaviour against Azure tenants: identity, storage, VMs, key material handling, and the recon paths that work against real subscriptions.

Read this if

Platform engineers and SRE-security hybrids running production Kubernetes who want a single reference for the security-and-observability boundary. Strongest on the network-policy and runtime-detection sections, where most teams are weakest in practice.

Cloud pentesters whose scope includes Azure subscriptions. Burrough covers identity (Entra ID), storage account abuse, VM-level recon, key material handling, and the role-based access patterns that drive real Azure post-exploitation.

Skip this if

Readers wanting depth on Kubernetes architecture itself, multi-tenancy patterns, or supply-chain (SLSA, signed images) detail. Also somewhat Calico-flavored — the authors are from Tigera — which is fine if you know to read past the marketing.

Readers focused on AWS or GCP, or anyone wanting current Azure tradecraft. The book pre-dates the current AAD-now-Entra-ID rebrand and several major service updates; treat it as foundational, not current.

Key takeaways

Security without observability is unfalsifiable; the book's central argument is that they are one workstream, not two.
Network policy is operationally hard, not conceptually hard — the chapters on rolling out default-deny in production are the most useful.
Runtime detection is necessary because admission controllers cannot catch everything; the book treats the trade-off honestly.

Azure attack patterns center on identity and roles, not network-level vulnerabilities; the book's framing reflects that.
Storage account misconfigurations remain one of the most common Azure findings; the book's coverage of access-key abuse is still relevant.
Cloud pentest reporting differs meaningfully from network pentest reporting; the book's deliverable templates are useful starting points.

How they compare

Kubernetes Security and Observability and Pentesting Azure Applications are both rated 3/5 in our catalog. Pick by topic preference and reading style rather than by rating.

Kubernetes Security and Observability is pitched at advanced level. Pentesting Azure Applications is pitched at intermediate level. Read the easier one first if you're not yet comfortable with the topic.

Kubernetes Security and Observability and Pentesting Azure Applications both cover Cloud, so reading them in sequence reinforces the same material from different angles.

Keep reading

Kubernetes Security and Observability

→ Alternatives to Kubernetes Security and Observability → What to read after Kubernetes Security and Observability