Information Security Risk Assessment Toolkit: Practical Assessments through Data Collection and Data Analysis
Based on authors’ experiences of real-world assessments, reports, and presentations
Focuses on implementing a process, rather than theory, that allows you to derive a quick and valuable assessment
Includes a companion web site with spreadsheets you can utilize to create and maintain the risk assessment
To protect a company’s information assets, such as sensitive customer records and health care records, the security practitioner first needs to find out what needs to be protected, what risks those assets are exposed to, what controls are in place to offset those risks, and where to focus attention for risk treatment. This is the true value and purpose of information security risk assessments. Effective risk assessments are meant to provide a defendable analysis of residual risk associated with your key assets so that risk treatment options can be explored. Information Security Risk Assessment Toolkit: Practical Assessments through Data Collection and Data Analysis gives you the tools and skills to get a quick, reliable, and thorough risk assessment for key stakeholders.
Provides tips, tricks, and proven suggestions and guidelines to set up FortiGate implementations
Presents topics that are not covered (or are not covered in detail) by Fortinet’s documentation
Discusses hands-on troubleshooting techniques at both the project deployment level and technical implementation area
Traditionally, network security (firewalls to block unauthorized users, Intrusion Prevention Systems (IPS) to keep attackers out, Web filters to avoid misuse of Internet browsing, and antivirus software to block malicious programs) required separate boxes with increased cost and complexity. UTM makes network security less complex, cheaper, and more effective by consolidating all these components. This book explains the advantages of using UTM and how it works, presents best practices on deployment, and is a hands-on, step-by-step guide to deploying Fortinet’s FortiGate in the enterprise.
SQL Injection Attacks and Defense, Second Edition is the only book to provide a complete understanding of SQL injection, from the basics of vulnerability to discovery, exploitation, prevention, and mitigation measures.
Covers unique, publicly unavailable information, by technical experts in such areas as Oracle, Microsoft SQL Server, and MySQL including new developments for Microsoft SQL Server 2012 (Denali).
Written by an established expert, author, and speaker in the field, with contributions from a team of equally renowned creators of SQL injection tools, applications, and educational materials.
SQL Injection Attacks and Defense, Second Edition is the only book devoted exclusively to this long-established but recently growing threat. This is the definitive resource for understanding, finding, exploiting, and defending against this increasingly popular and particularly destructive type of Internet-based attack.
SQL Injection Attacks and Defense, Second Edition includes all the currently known information about these attacks and significant insight from its team of SQL injection experts.
Design and implement your own attack, and test methodologies derived from the approach and framework presented by the authors
Learn how to strengthen your network’s host- and network-based defense against attackers’ number one remote exploit: the client-side attack
Defend your network against attacks that target your company’s most vulnerable asset: the end user
Individuals wishing to attack a company’s network have found a new path of least resistance: the end user. A client-side attack is one that uses the inexperience of the end user to create a foothold in the user’s machine and therefore the network. Client-side attacks are everywhere and hidden in plain sight. Common hiding places are malicious Web sites and spam. A simple click of a link will allow the attacker to enter. This book presents a framework for defending your network against these attacks in an environment where it might seem impossible.
The most current attacks are discussed along with their delivery methods, such as browser exploitation, use of rich Internet applications, and file format vulnerabilities. The severity of these attacks is examined along with defences against them, including antivirus and anti-spyware, intrusion detection systems, and end-user education.
The Hacker’s Guide to OS X: Exploiting OS X from the Root Up
Provides relevant information including some of the latest OS X threats
Easily accessible to those without any prior OS X experience
Useful tips and strategies for exploiting and compromising OS X systems
Includes discussion of defensive and countermeasure applications and how to use them
Covers mobile iOS vulnerabilities
Written by two experienced penetration testers, the material presented discusses the basics of the OS X environment and its vulnerabilities, including but not limited to application porting, virtualization utilization, and offensive tactics at the kernel, OS, and wireless level. This book provides a comprehensive in-depth guide to exploiting and compromising the OS X platform while offering the necessary defense and countermeasure techniques that can be used to stop hackers.
The Basics of Cyber Warfare: Understanding the Fundamentals of Cyber Warfare in Theory and Practice
Provides a sound understanding of the tools and tactics used in cyber warfare.
Describes both offensive and defensive tactics from an insider’s point of view.
Presents doctrine and hands-on techniques to understand as cyber warfare evolves with technology.
The Basics of Cyber Warfare: Understanding the Fundamentals of Cyber Warfare in Theory and Practice provides readers with fundamental knowledge of cyber war in both theoretical and practical aspects. This book explores the principles of cyber warfare, including military and cyber doctrine, social engineering, and offensive and defensive tools, tactics and procedures, including computer network exploitation (CNE), attack (CNA) and defense (CND).
The Basics of Cyber Warfare: Understanding the Fundamentals of Cyber Warfare in Theory and Practice gives readers a concise overview of these threats and outlines the ethics, laws and consequences of cyber warfare. It is a valuable resource for policy makers, CEOs and CIOs, penetration testers, security administrators, and students and instructors in information security.