Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions

Clint Bodungen, Bryan Singer, Aaron Shbeeb, Kyle Wilhoit, Stephen Hilt

買這商品的人也買了...

商品描述

Secure your ICS and SCADA systems the battle-tested Hacking Exposed™ way

This hands-on guide exposes the devious methods cyber threat actors use to compromise the hardware and software central to petroleum pipelines, electrical grids, and nuclear refineries. Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets and Solutions shows, step-by-step, how to implement and maintain an ICS-focused risk mitigation framework that is targeted, efficient, and cost-effective. The book arms you with the skills necessary to defend against attacks that are debilitating―and potentially deadly. See how to assess risk, perform ICS-specific threat modeling, carry out penetration tests using “ICS safe” methods, and block malware. Throughout, the authors use case studies of notorious attacks to illustrate vulnerabilities alongside actionable, ready-to-deploy countermeasures.

Learn how to:
• Assess your exposure and develop an effective risk management plan
• Adopt the latest ICS-focused threat intelligence techniques
• Use threat modeling to create realistic risk scenarios
• Implement a customized, low-impact ICS penetration-testing strategy
• See how attackers exploit industrial protocols
• Analyze and fortify ICS and SCADA devices and applications
• Discover and eliminate undisclosed “zero-day” vulnerabilities
• Detect, block, and analyze malware of all varieties

商品描述(中文翻譯)

以專業和精確的方式翻譯如下:

使用經過實戰驗證的Hacking Exposed™方法來保護您的工業控制系統(ICS)和監控與數據採集系統(SCADA)

這本實踐指南揭示了網絡威脅行為者用來破壞石油管道、電力網絡和核能精煉廠的硬件和軟件的詭計。《Hacking Exposed工業控制系統:ICS和SCADA安全秘密與解決方案》逐步展示了如何實施和維護一個針對ICS的風險緩解框架,該框架具有針對性、高效和具有成本效益。本書將使您具備抵禦具有破壞性和潛在致命性的攻擊所需的技能。了解如何評估風險,進行特定於ICS的威脅建模,使用“ICS安全”方法進行滲透測試,並阻止惡意軟件。在整個過程中,作者使用臭名昭著的攻擊案例來說明漏洞,並提供可操作且可立即部署的對策。

學習如何:
• 評估您的風險並制定有效的風險管理計劃
• 採用最新的ICS專注的威脅情報技術
• 使用威脅建模創建逼真的風險場景
• 實施定制的、低影響的ICS滲透測試策略
• 瞭解攻擊者如何利用工業協議
• 分析和加固ICS和SCADA設備和應用程序
• 發現並消除未公開的“零日”漏洞
• 檢測、阻止和分析各種惡意軟件