Cybersecurity - Attack and Defense Strategies - Third Edition: Improve your security posture to mitigate risks and prevent attackers from infiltrating

Diogenes, Yuri, Ozkaya, Erdal

  • 出版商: Packt Publishing
  • 出版日期: 2022-09-30
  • 售價: $1,600
  • 貴賓價: 9.5$1,520
  • 語言: 英文
  • 頁數: 570
  • 裝訂: Quality Paper - also called trade paper
  • ISBN: 1803248777
  • ISBN-13: 9781803248776
  • 相關分類: 資訊安全
  • 立即出貨 (庫存=1)

買這商品的人也買了...

相關主題

商品描述

Updated edition of the bestselling guide for planning attack and defense strategies based on the current threat landscape

 

Key Features:

  • Updated for ransomware prevention, security posture management in multi-cloud, Microsoft Defender for Cloud, MITRE ATT&CK Framework, and more
  • Explore the latest tools for ethical hacking, pentesting, and Red/Blue teaming
  • Includes recent real-world examples to illustrate the best practices to improve security posture

 

Book Description:

Cybersecurity - Attack and Defense Strategies, Third Edition will bring you up to speed with the key aspects of threat assessment and security hygiene, the current threat landscape and its challenges, and how to maintain a strong security posture.

 

In this carefully revised new edition, you will learn about the Zero Trust approach and the initial Incident Response process. You will gradually become familiar with Red Team tactics, where you will learn basic syntax for commonly used tools to perform the necessary operations. You will also learn how to apply newer Red Team techniques with powerful tools. Simultaneously, Blue Team tactics are introduced to help you defend your system from complex cyber-attacks. This book provides a clear, in-depth understanding of attack/defense methods as well as patterns to recognize irregular behavior within your organization. Finally, you will learn how to analyze your network and address malware, while becoming familiar with mitigation and threat detection techniques.

 

By the end of this cybersecurity book, you will have discovered the latest tools to enhance the security of your system, learned about the security controls you need, and understood how to carry out each step of the incident response process.

 

What You Will Learn:

  • Learn to mitigate, recover from, and prevent future cybersecurity events
  • Understand security hygiene and value of prioritizing protection of your workloads
  • Explore physical and virtual network segmentation, cloud network visibility, and Zero Trust considerations
  • Adopt new methods to gather cyber intelligence, identify risk, and demonstrate impact with Red/Blue Team strategies
  • Explore legendary tools such as Nmap and Metasploit to supercharge your Red Team
  • Discover identity security and how to perform policy enforcement
  • Integrate threat detection systems into your SIEM solutions
  • Discover the MITRE ATT&CK Framework and open-source tools to gather intelligence

 

Who this book is for:

If you are an IT security professional who wants to venture deeper into cybersecurity domains, this book is for you. Cloud security administrators, IT pentesters, security consultants, and ethical hackers will also find this book useful. Basic understanding of operating systems, computer networking, and web applications will be helpful.

商品描述(中文翻譯)

《網絡安全攻防策略:第三版》是一本暢銷指南的更新版,根據當前的威脅環境來規劃攻擊和防禦策略。

主要特點:
- 更新了勒索軟件預防、多雲安全姿態管理、Microsoft Defender for Cloud、MITRE ATT&CK Framework等方面的內容。
- 探索最新的道德黑客、滲透測試和紅藍隊合作的工具。
- 包含最近的實際案例,以說明改善安全姿態的最佳實踐。

書籍描述:
《網絡安全攻防策略:第三版》將使您了解威脅評估和安全衛生的關鍵方面,當前的威脅環境及其挑戰,以及如何保持強大的安全姿態。

在這本經過精心修訂的新版中,您將了解到零信任方法和初始事件響應過程。您將逐漸熟悉紅隊戰術,學習常用工具的基本語法以執行必要的操作。您還將學習如何應用強大的工具進行更新的紅隊技術。同時,還介紹了藍隊戰術,以幫助您防禦系統免受複雜的網絡攻擊。本書清晰深入地介紹了攻擊/防禦方法以及識別組織內部異常行為的模式。最後,您將學習如何分析您的網絡,解決惡意軟件問題,並熟悉緩解和威脅檢測技術。

通過閱讀本書,您將了解到增強系統安全性的最新工具,了解所需的安全控制,並了解如何執行事件響應過程的每一步。

學到的內容:
- 學習減輕、恢復和預防未來的網絡安全事件。
- 了解安全衛生和優先保護工作負載的價值。
- 探索物理和虛擬網絡分割、雲網絡可見性和零信任考慮因素。
- 採用新方法收集網絡情報,識別風險,並通過紅藍隊策略展示影響力。
- 探索諸如Nmap和Metasploit等傳奇工具,以增強您的紅隊能力。
- 了解身份安全以及如何執行策略執行。
- 將威脅檢測系統整合到您的SIEM解決方案中。
- 了解MITRE ATT&CK Framework和開源工具以收集情報。

適合閱讀對象:
如果您是一名IT安全專業人員,希望深入研究網絡安全領域,這本書適合您。雲安全管理員、IT滲透測試人員、安全顧問和道德黑客也會發現這本書很有用。對操作系統、計算機網絡和Web應用程序有基本的理解將有所幫助。