Introduction to Kali Purple: Harness the synergy of offensive and defensive cybersecurity strategies of Kali Linux
Lane, Karl
- 出版商: Packt Publishing
- 出版日期: 2024-06-28
- 售價: $2,180
- 貴賓價: 9.5 折 $2,071
- 語言: 英文
- 頁數: 376
- 裝訂: Quality Paper - also called trade paper
- ISBN: 1835088988
- ISBN-13: 9781835088982
-
相關分類:
資訊安全、kali-linux、Linux
海外代購書籍(需單獨結帳)
相關主題
商品描述
Combine the offensive capabilities of Kali Linux with the defensive strength of a security operations center to enhance cybersecurity for business and training purposes
Key Features:
- Gain practical experience in defensive security methods
- Learn the correct process for acquiring, installing, and configuring a robust SOC from home
- Create training scenarios for junior technicians and analysts using real-world cybersecurity utilities
- Purchase of the print or Kindle book includes a free PDF eBook
Book Description:
Introduction to Kali Purple combines red team tools from the Kali Linux OS and blue team tools commonly found within a security operations center (SOC) for an all-in-one approach to cybersecurity. This book takes you from an overview of today's cybersecurity services and their evolution to building a solid understanding of how Kali Purple can enhance training and support proof-of-concept scenarios for your technicians and analysts.
After getting to grips with the basics, you'll learn how to develop a cyber defense system for Small Office Home Office (SOHO ) services. This is demonstrated through the installation and configuration of supporting tools such as virtual machines, the Java SDK, Elastic, and related software. You'll then explore Kali Purple's compatibility with the Malcolm suite of tools, including Arkime, CyberChef, Suricata, and Zeek. As you progress, the book introduces advanced features, such as security incident response with StrangeBee's Cortex and TheHive and threat and intelligence feeds. Finally, you'll delve into digital forensics and explore tools for social engineering and exploit development.
By the end of this book, you'll have a clear and practical understanding of how this powerful suite of tools can be implemented in real-world scenarios.
What You Will Learn:
- Set up and configure a fully functional miniature security operations center
- Explore and implement the government-created Malcolm suite of tools
- Understand traffic and log analysis using Arkime and CyberChef
- Compare and contrast intrusion detection and prevention systems
- Explore incident response methods through Cortex, TheHive, and threat intelligence feed integration
- Leverage purple team techniques for social engineering and exploit development
Who this book is for:
This book is for entry-level cybersecurity professionals eager to explore a functional defensive environment. Cybersecurity analysts, SOC analysts, and junior penetration testers seeking to better understand their targets will find this content particularly useful. If you're looking for a proper training mechanism for proof-of-concept scenarios, this book has you covered. While not a prerequisite, a solid foundation of offensive and defensive cybersecurity terms, along with basic experience using any Linux operating system, will make following along easier.
Table of Contents
- An Introduction to Cybersecurity
- Kali Linux and the Elk Stack
- Installing the Kali Purple Linux Environment
- Configuring the ELK Stack
- Sending Data to the ELK Stack
- Traffic and Log Analysis
- Intrusion Detection and Prevention Systems
- Security Incident and Response
- Digital Forensics
- Integrating the Red Team and External Tools
- Autopilot, Python, and NIST Control
商品描述(中文翻譯)
結合 Kali Linux 的攻擊能力與安全運營中心的防禦優勢,以增強商業和訓練目的的網絡安全
主要特點:
- 獲得防禦安全方法的實踐經驗
- 學習從家中獲取、安裝和配置穩健的 SOC 的正確流程
- 使用真實的網絡安全工具為初級技術人員和分析師創建訓練場景
- 購買印刷版或 Kindle 版書籍可獲得免費 PDF 電子書
書籍描述:
《Kali Purple 入門》結合了 Kali Linux 作業系統的紅隊工具和安全運營中心 (SOC) 中常見的藍隊工具,提供一種一體化的網絡安全解決方案。本書將帶您從當前網絡安全服務及其演變的概述,建立對 Kali Purple 如何增強訓練和支持技術人員及分析師的概念驗證場景的深入理解。
在掌握基礎知識後,您將學習如何為小型辦公室家庭辦公室 (SOHO) 服務開發網絡防禦系統。這將通過安裝和配置支持工具(如虛擬機、Java SDK、Elastic 及相關軟體)來演示。接著,您將探索 Kali Purple 與 Malcolm 工具套件的兼容性,包括 Arkime、CyberChef、Suricata 和 Zeek。隨著進展,本書介紹了高級功能,如使用 StrangeBee 的 Cortex 和 TheHive 進行安全事件響應以及威脅和情報來源的整合。最後,您將深入數位取證,探索社會工程和漏洞開發的工具。
在本書結束時,您將清楚且實際地了解這套強大工具如何在現實場景中實施。
您將學到的內容:
- 設置和配置一個功能完整的迷你安全運營中心
- 探索和實施政府創建的 Malcolm 工具套件
- 使用 Arkime 和 CyberChef 理解流量和日誌分析
- 比較和對比入侵檢測和預防系統
- 通過 Cortex、TheHive 和威脅情報來源整合探索事件響應方法
- 利用紫隊技術進行社會工程和漏洞開發
本書適合對象:
本書適合渴望探索功能性防禦環境的入門級網絡安全專業人員。網絡安全分析師、SOC 分析師和希望更好理解其目標的初級滲透測試者將發現這些內容特別有用。如果您正在尋找適合概念驗證場景的訓練機制,本書將滿足您的需求。雖然不是必需,但對攻擊和防禦網絡安全術語的扎實基礎,以及使用任何 Linux 作業系統的基本經驗,將使您更容易跟上內容。
目錄:
- 網絡安全簡介
- Kali Linux 和 Elk Stack
- 安裝 Kali Purple Linux 環境
- 配置 ELK Stack
- 將數據發送到 ELK Stack
- 流量和日誌分析
- 入侵檢測和預防系統
- 安全事件和響應
- 數位取證
- 整合紅隊和外部工具
- 自動駕駛、Python 和 NIST 控制