Explore the vast range of titles available.

Computer Incident Response and Forensics Team Management provides security professionals with a complete handbook of computer incident response from the perspective of forensics team management. This unique approach teaches readers the concepts and principles they need to conduct a successful incident response investigation, ensuring that proven policies and procedures are established and followed by all team members. Leighton R. Johnson III describes the processes within an incident response event and shows the crucial importance of skillful forensics team management, including when and where the transition to forensics investigation should occur during an incident response event. The book also provides discussions of key incident response components. Provides readers with a complete handbook on computer incident response from the perspective of forensics team management Identify the key steps to completing a successful computer incident response investigation Defines the qualities necessary to become a successful forensics investigation team member, as well as the interpersonal relationship skills necessary for successful incident response and forensics investigation teams.

Get more from your network by securing its infrastructure and increasing its effectivenessAbout This Book• Learn to choose the best network scanning toolset for your system• Implement different concepts of network scanning such as port scanning and OS detection• Adapt a practical approach to securing your networkWho This Book Is ForIf you are a security professional who is responsible for securing an organization's infrastructure, then this book is for you.What You Will Learn• Achieve an effective security posture to design security architectures• Learn vital security aspects before moving to the Cloud• Launch secure applications with Web Application Security and SQL Injection• Explore the basics of threat detection/response/ mitigation with important use cases• Learn all about integration principles for PKI and tips to secure it• Design a WAN infrastructure and ensure security over a public WANIn DetailNetwork scanning is the process of assessing a network to identify an active host network; same methods can be used by an attacker or network administrator for security assessment. This procedure plays a vital role in risk assessment programs or while preparing a security plan for your organization.Practical Network Scanning starts with the concept of network scanning and how organizations can benefit from it. Then, going forward, we delve into the different scanning steps, such as service detection, firewall detection, TCP/IP port detection, and OS detection. We also implement these concepts using a few of the most prominent tools on the market, such as Nessus and Nmap. In the concluding chapters, we prepare a complete vulnerability assessment plan for your organization. By the end of this book, you will have hands-on experience in performing network scanning using different tools and in choosing the best tools for your system.Style and approachA practical guide that offers a simple way to easily understand network security concepts and apply them to strengthen your network.

When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. But just how does the magic happen?In Black Hat Python, the latest from Justin Seitz (author of the best-selling Gray Hat Python), you’ll explore the darker side of Python’s capabilities—writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and more. You’ll learn how to:Create a trojan command-and-control using GitHubDetect sandboxing and automate com­mon malware tasks, like keylogging and screenshottingEscalate Windows privileges with creative process controlUse offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machineExtend the popular Burp Suite web-hacking toolAbuse Windows COM automation to perform a man-in-the-browser attackExfiltrate data from a network most sneakilyInsider techniques and creative challenges throughout show you how to extend the hacks and how to write your own exploits.When it comes to offensive security, your ability to create powerful tools on the fly is indispensable. Learn how in Black Hat Python.

The worldwide reach of the Internet allows malicious cyber criminals to coordinate and launch attacks on both cyber and cyber-physical infrastructure from anywhere in the world. This purpose of this handbook is to introduce the theoretical foundations and practical solution techniques for securing critical cyber and physical infrastructures as well as their underlying computing and communication architectures and systems. Examples of such infrastructures include utility networks (e.g., electrical power grids), ground transportation systems (automotives, roads, bridges and tunnels), airports and air traffic control systems, wired and wireless communication and sensor networks, systems for storing and distributing water and food supplies, medical and healthcare delivery systems, as well as financial, banking and commercial transaction assets. The handbook focus mostly on the scientific foundations and engineering techniques – while also addressing the proper integration of policies and access control mechanisms, for example, how human-developed policies can be properly enforced by an automated system. Addresses the technical challenges facing design of secure infrastructures by providing examples of problems and solutions from a wide variety of internal and external attack scenarios Includes contributions from leading researchers and practitioners in relevant application areas such as smart power grid, intelligent transportation systems, healthcare industry and so on Loaded with examples of real world problems and pathways to solutions utilizing specific tools and techniques described in detail throughout

Knowing your threat actors together with your weaknesses and the technology will master your defense Key Features ? Gain practical experience with cyber threat intelligence by using the book's lab sections. ? Improve your CTI skills by designing a threat intelligence system. ? Assisting you in bridging the gap between cybersecurity teams. ? Developing your knowledge of Cyber Intelligence tools and how to choose them. Description When your business assets are threatened or exposed to cyber risk, you want a high-quality threat hunting team armed with cutting-edge threat intelligence to build the shield. Unfortunately, regardless of how effective your cyber defense solutions are, if you are unfamiliar with the tools, strategies, and procedures used by threat actors, you will be unable to stop them.This book is intended to provide you with the practical exposure necessary to improve your cyber threat intelligence and hands-on experience with numerous CTI technologies. This book will teach you how to model threats by gathering adversarial data from various sources, pivoting on the adversarial data you have collected, developing the knowledge necessary to analyse them and discriminating between bad and good information.The book develops and hones the analytical abilities necessary for extracting, comprehending, and analyzing threats comprehensively. The readers will understand the most common indicators of vulnerability that security professionals can use to determine hacking attacks or threats in their systems quickly. In addition, the reader will investigate and illustrate ways to forecast the scope of attacks and assess the potential harm they can cause. What you will learn ? Hands-on experience in developing a powerful and robust threat intelligence model. ? Acquire the ability to gather, exploit, and leverage adversary data. ? Recognize the difference between bad intelligence and good intelligence. ? Creating heatmaps and various visualization reports for better insights. ? Investigate the most typical indicators of security compromise. ? Strengthen your analytical skills to understand complicated threat scenarios better. Who this book is for The book is designed for aspiring Cyber Threat Analysts, Security Analysts, Cybersecurity specialists, Security Consultants, and Network Security Professionals who wish to acquire and hone their analytical abilities to identify and counter threats quickly. Table of Contents 1. Basics of Threat Analysis and Modeling 2. Formulate a Threat Intelligence Model 3. Adversary Data Collection Sources & Methods 4. Pivot Off and Extracting Adversarial Data 5. Primary Indicators of Security Compromise 6. Identify & Build Indicators of Compromise 7. Conduct Threat Assessments In Depth 8. Produce Heat Maps, Infographics & Dashboards 9. Build Reliable & Robust Threat Intelligence System 10. Learn Statistical Approaches for Threat Intelligence 11. Develop Analytical Skills for Complex Threats 12. Planning for Disaster

Cisco has announced big changes to its certification program.As of February 24, 2020, all current certifications will be retired, and Cisco will begin offering new certification programs.The good news is if you're working toward any current CCNA certification, keep going.You have until February 24, 2020 to complete your current CCNA.

Discover Bitcoin, the cryptocurrency that has the finance world buzzing Bitcoin is arguably one of the biggest developments in finance since the advent of fiat currency. With Understanding Bitcoin, expert author Pedro Franco provides finance professionals with a complete technical guide and resource to the cryptography, engineering and economic development of Bitcoin and other cryptocurrencies. This comprehensive, yet accessible work fully explores the supporting economic realities and technological advances of Bitcoin, and presents positive and negative arguments from various economic schools regarding its continued viability. This authoritative text provides a step-by-step description of how Bitcoin works, starting with public key cryptography and moving on to explain transaction processing, the blockchain and mining technologies. This vital resource reviews Bitcoin from the broader perspective of digital currencies and explores historical attempts at cryptographic currencies. Bitcoin is, after all, not just a digital currency; it's a modern approach to the secure transfer of value using cryptography. This book is a detailed guide to what it is, how it works, and how it just may jumpstart a change in the way digital value changes hands. * Understand how Bitcoin works, and the technology behind it * Delve into the economics of Bitcoin, and its impact on the financial industry * Discover alt-coins and other available cryptocurrencies * Explore the ideas behind Bitcoin 2.0 technologies * Learn transaction protocols, micropayment channels, atomic cross-chain trading, and more Bitcoin challenges the basic assumption under which the current financial system rests: that currencies are issued by central governments, and their supply is managed by central banks. To fully understand this revolutionary technology, Understanding Bitcoin is a uniquely complete, reader-friendly guide.

The Cybersecurity Body of Knowledge explains the content, purpose, and use of eight knowledge areas that define the boundaries of the discipline of cybersecurity. The discussion focuses on, and is driven by, the essential concepts of each knowledge area that collectively capture the cybersecurity body of knowledge to provide a complete picture of the field. This book is based on a brand-new and up to this point unique, global initiative, known as CSEC2017, which was created and endorsed by ACM, IEEE-CS, AIS SIGSEC, and IFIP WG 11.8. This has practical relevance to every educator in the discipline of cybersecurity. Because the specifics of this body of knowledge cannot be imparted in a single text, the authors provide the necessary comprehensive overview. In essence, this is the entry- level survey of the comprehensive field of cybersecurity. It will serve as the roadmap for individuals to later drill down into a specific area of interest. This presentation is also explicitly designed to aid faculty members, administrators, CISOs, policy makers, and stakeholders involved with cybersecurity workforce development initiatives. The book is oriented toward practical application of a computing-based foundation, crosscutting concepts, and essential knowledge and skills of the cybersecurity discipline to meet workforce demands. Dan Shoemaker, PhD, is full professor, senior research scientist, and Pprogram Ddirector at the University of Detroit Mercy's Center for Cyber Security and Intelligence Studies. Dan is a former chair of the Cybersecurity & Information Systems Department and has authored numerous books and journal articles focused on cybersecurity. Anne Kohnke, PhD, is an associate professor of cybersecurity and the principle investigator of the Center for Academic Excellence in Cyber Defencse at the University of Detroit Mercy. Anne's research is focused in cybersecurity, risk management, threat modeling, and mitigating attack vectors. Ken Sigler is a faculty member of the Computer Information Systems (CIS) program at the Auburn Hills campus of Oakland Community College in Michigan. Ken's research is in the areas of software management, software assurance, and cybersecurity.

A comprehensive guide to Kubernetes, Service Mesh, and Zero-Trust principles Key Features ? Delve into security practices that guarantee resilience and secure deployments. ? Discover strategies for managing Kubernetes clusters, enhancing performance, and achieving high availability and scalability. ? Acquire a conceptual understanding of the challenges faced in production environments and explore industry-standard solutions for efficient resolution. Description ??Building and managing secure applications is a crucial aspect of modern software development, especially in distributed environments. Kubernetes and Istio, when combined, provide a powerful platform for achieving application security and managing it effectively. If you want to build and manage secure applications with ease, then this book is an ideal resource for you. The book extensively covers the building blocks of the Kubernetes orchestration engine, providing in-depth insights into key Kubernetes objects that can be effectively used for deploying containerized applications. It then focuses on all major Kubernetes constructs, offering guidance on their appropriate utilization in different scenarios, while emphasizing the significance of a Zero Trust architecture. Additionally, the book addresses important aspects such as service discovery, optimized logging, and monitoring, which play a critical role in managing distributed applications. It also incorporates essential concepts from Site Reliability Engineering and enabling engineering teams, to proactively meeting Service Level Agreements and attaining operational readiness. In the final section, the book takes a deep dive into Service Mesh, with a special focus on harnessing the strength of Istio as a powerful tool. By the end of the book, you will have the knowledge and skills to effectively build, deploy, and manage secure applications using Kubernetes and Istio. What you will learn ? Learn how to successfully deploy applications on Kubernetes. ? Gain insights into the principles of Zero Trust architecture and its implementation within the Kubernetes orchestration platform. ? Get familiar with the concepts of service discovery and efficient scaling in Kubernetes, empowering you to optimize your application deployments. ? Learn about monitoring and logging within applications, and explore the essential aspects of observability to ensure the reliability of your systems. ? Acquire expertise in service mesh, particularly Istio, to efficiently handle traffic, enhance application reliability, and fortify security measures. Who this book is for This book caters to a wide range of readers, including developers utilizing Kubernetes, DevOps teams, senior software engineers, cloud-native teams, and cloud developers with a foundational knowledge of containers and software development. Table of Contents 1. Docker and Kubernetes 101 2. PODs 3. HTTP Load Balancing with Ingress 4. Kubernetes Workload Resources 5. ConfigMap, Secrets, and Labels 6. Configuring Storage with Kubernetes 7. Introduction to Service Discovery 8. Zero Trust Using Kubernetes 9. Monitoring, Logging and Observability 10. Effective Scaling 11. Introduction to Service Mesh and Istio 12. Traffic Management Using Istio 13. Observability Using Istio 14. Securing Your Services Using Istio

The ultimate hands-on guide to IT security and proactive defense The Network Security Test Lab is a hands-on, step-by-step guide to ultimate IT security implementation. Covering the full complement of malware, viruses, and other attack technologies, this essential guide walks you through the security assessment and penetration testing process, and provides the set-up guidance you need to build your own security-testing lab. You'll look inside the actual attacks to decode their methods, and learn how to run attacks in an isolated sandbox to better understand how attackers target systems, and how to build the defenses that stop them. You'll be introduced to tools like Wireshark, Networkminer, Nmap, Metasploit, and more as you discover techniques for defending against network attacks, social networking bugs, malware, and the most prevalent malicious traffic. You also get access to open source tools, demo software, and a bootable version of Linux to facilitate hands-on learning and help you implement your new skills. Security technology continues to evolve, and yet not a week goes by without news of a new security breach or a new exploit being released. The Network Security Test Lab is the ultimate guide when you are on the front lines of defense, providing the most up-to-date methods of thwarting would-be attackers. * Get acquainted with your hardware, gear, and test platform * Learn how attackers penetrate existing security systems * Detect malicious activity and build effective defenses * Investigate and analyze attacks to inform defense strategy The Network Security Test Lab is your complete, essential guide.