{"title":"Computer viruses, Trojans and worms Books","description":"","products":[{"product_id":"countdown-to-zero-day-9780770436193","title":"Countdown to Zero Day","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e","brand":"Crown","offers":[{"title":"Default Title","offer_id":48865867727191,"sku":"9780770436193","price":15.29,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9780770436193.jpg?v=1722275963"},{"product_id":"cult-of-the-dead-cow-how-the-original-hacking-supergroup-might-just-save-the-world-9781541724426","title":"Cult of the Dead Cow: How the Original Hacking","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e\u003ci\u003eThe Cult of the Dead Cow\u003c\/i\u003e is the story of the oldest, most respected and most famous hacking group of all time. Its members invented the concept of hacktivism, released both the top tool for cracking passwords and the reigning technique for controlling computers from afar, and spurred development of Snowden's anonymity tool of choice. With its origins in the earliest days of the Internet, the cDc is full of oddball characters--spies, activists, musicians, and politicians--who are now woven into the top ranks of the American establishment. \u003cbr\u003e\u003cbr\u003eToday, this small group and their followers represent the best hope for making technology a force for good instead of for surveillance and oppression. Like a modern (and real) illuminati, cDc members have had the ears of presidents, secretaries of defense, and the CEO of Google. 
\u003ci\u003eThe Cult of the Dead Cow\u003c\/i\u003e shows how we got into the mess we find ourselves in today, where governments and corporations hold immense power over individuals, and how we are finally fighting back.\u003c\/p\u003e","brand":"PublicAffairs,U.S.","offers":[{"title":"Default Title","offer_id":48867549086039,"sku":"9781541724426","price":13.49,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781541724426.jpg?v=1722283820"},{"product_id":"real-world-bug-hunting-a-field-guide-to-web-hacking-9781593278618","title":"Real-world Bug Hunting: A Field Guide to Web","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eReal-World Bug Hunting is a field guide to finding software bugs. Ethical hacker Peter Yaworski breaks down common types of bugs, then contextualises them with real bug bounty reports released by hackers on companies like Twitter, Facebook, Google, Uber, and Starbucks. As you read each report, you'll gain deeper insight into how the vulnerabilities work and how you might find similar ones.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e\"I am quite sure that [this book is] going to be one of the most recommended books for web app pen-testing. 
If it is not already.\"\u003cbr\u003e\u003cb\u003e—Sudo Realm\u003cbr\u003e\u003cbr\u003e\u003c\/b\u003e\"A brilliant resource for anyone who aspires to be a professional bug hunter.\" \u003cbr\u003e\u003cb\u003e—Dana Epp, Security Boulevard\u003c\/b\u003e","brand":"No Starch Press,US","offers":[{"title":"Default Title","offer_id":48867674292567,"sku":"9781593278618","price":30.39,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781593278618.jpg?v=1722284420"},{"product_id":"application-security-program-handbook-9781633439818","title":"Application Security Program Handbook","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eStop dangerous threats and secure your vulnerabilities without slowing down delivery. This practical book is a one-stop guide to implementing a robust application security program.Application Security Program Handbook teaches you to implement a robust program of security throughout your development process. It goes well beyond the basics, detailing a flexible approach that can adapt and evolve to new and emerging threats. Follow the expert advice in this guide and you'll reliably deliver software that is free from security defects and critical vulnerabilities.\u003c\/p\u003e \u003cp\u003eAs a developer, you must build security into your software throughout its development lifecycle. This book addresses all the practices, tools, technology, people, and processes you need to reduce the risk of attacks and vulnerabilities in your software. \u003c\/p\u003e \u003cp\u003e\u003ci\u003eApplication Security Program Handbook\u003c\/i\u003e is full of strategies for setting up and maturing a security program for your development process. Its realistic recommendations take a service-oriented approach to application security that's perfectly suited to the fast-pace of modern development. 
Focused on the realities of software development, it shows you how to avoid making security a gated exercise.\u003cbr\u003e\u003cbr\u003eInside, you'll learn to assess the current state of your app's security, identify key risks to your organization, and measure the success of any defensive programs you deploy. You'll master common methodologies and practices that help safeguard your software, along with defensive tools you can use to keep your apps safe. With this handy reference guide by your side, you'll be able to implement reliable security in a way that doesn't impact your delivery speed.\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003eRETAIL SELLING POINTS\u003c\/strong\u003e\u003c\/p\u003e \u003cul\u003e\n\u003cli\u003e Application security tools you can use throughout the development lifecycle \u003c\/li\u003e\n\u003cli\u003e Creating threat models \u003c\/li\u003e\n\u003cli\u003e Mitigating web app vulnerabilities \u003c\/li\u003e\n\u003cli\u003e Creating a DevSecOps pipeline \u003c\/li\u003e\n\u003cli\u003e Application security as a service model \u003c\/li\u003e\n\u003cli\u003e Reporting structures that highlight the value of application security \u003c\/li\u003e\n\u003cli\u003e Creating a software security ecosystem that benefits development \u003c\/li\u003e\n\u003c\/ul\u003e \u003cp\u003e\u003cstrong\u003eAUDIENCE\u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003eFor software developers, architects, team leaders, and project managers looking to implement security in their pipelines.\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e'It's impossible not to learn something from this.'George Onofrei \u003cbr\u003e'Do you want to get your hold back on the concepts of Application Security, then this is a fantastic book for you. 
Get it now!'Krishna Anipindi \u003cbr\u003e'A book like this should be a must to start your career or to understand you are doing things right.'Nikolaos Alexiou\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003ePART 1: DEFINING APPLICATION SECURITY\u003cbr\u003e1 WHY DO WE NEED APPLICATION SECURITY\u003cbr\u003e2 DEFINING THE PROBLEM\u003cbr\u003e3 COMPONENTS OF APPLICATION SECURITY\u003cbr\u003ePART 2: DEVELOPING THE APPLICATION SECURITY PROGRAM\u003cbr\u003e4 RELEASING SECURE CODE\u003cbr\u003e5 SECURITY BELONGS TO EVERYONE\u003cbr\u003e6 SERVICE-ORIENTED APPLICATION SECURITY\u003cbr\u003ePART 3: DELIVER AND MEASURE\u003cbr\u003e7 BUILDING A ROADMAP\u003cbr\u003e8 MEASURING SUCCESS\u003cbr\u003e9 CONTINUOUS IMPROVEMENT","brand":"Manning Publications","offers":[{"title":"Default Title","offer_id":48867861430615,"sku":"9781633439818","price":38.99,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781633439818.jpg?v=1722285315"},{"product_id":"cyber-security-the-complete-guide-to-cyber-threats-and-protection-9781780175959","title":"Cyber Security: The complete guide to cyber","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e\u003cstrong\u003eCyber security has never been more essential than it is today, it’s not a case of if an attack will happen, but when. This brand new edition covers the various types of cyber threats and explains what you can do to mitigate these risks and keep your data secure. 
\u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cem\u003eCyber Security\u003c\/em\u003e explains the fundamentals of information security, how to shape good organisational security practice, and how to recover effectively should the worst happen.\u003c\/p\u003e \u003cp\u003eWritten in an accessible manner, \u003cem\u003eCyber Security\u003c\/em\u003e provides practical guidance and actionable steps to better prepare your workplace and your home alike. This second edition has been updated to reflect the latest threats and vulnerabilities in the IT security landscape, and updates to standards, good practice guides and legislation.\u003c\/p\u003e \u003cp\u003e• A valuable guide to both current professionals at all levels and those wishing to embark on a cyber security profession\u003c\/p\u003e \u003cp\u003e• Offers practical guidance and actionable steps for individuals and businesses to protect themselves\u003c\/p\u003e \u003cp\u003e• Highly accessible and terminology is clearly explained and supported with current, real-world examples\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003eDavid Sutton's book provides a well researched, comprehensive guide to the multifaceted, rapidly growing cyber domain. It serves as a valuable guide to both current professionals and those wishing to embark on a Cyber Security profession. An excellent read. -- Colonel John S Doody FBCS FCMI CITP ACISP MIOD, Director, Interlocutor Services Limited\u003cbr\u003eA very comprehensive primer on cyber security covering issues, solutions and suggestions for further action. After reading this book anyone that worries about cyber security without necessarily wanting to become an expert will find themself much better informed and quite probably much more interested. -- Susan Perriam MBA MSc CMgr MBCS CISSP, Cyber Security Consultant\u003cbr\u003eThis book manages to strike a perfect balance between technical breadth and depth. 
It includes enough detail to understand the broad range of concepts and techniques found in a complex industry, along with practical and real-life examples. This latest revision is packed with recent examples, scenarios, tools, and techniques that make it a fascinating read for both industry veterans and recent joiners alike. Highly recommended. -- Martin King FBCS CITP CISSP, Chief Technology Officer, IT Transformed\u003cbr\u003eThis book describes the eco system of cyber security and provides excellent go-to guides and considerations for people\/teams dealing with both technical and non-technical security. Awareness and training are at the very heart of the book, successfully paralleled by descriptions of how our day-to-day information sharing and protection should take place safely.  A useful and insightful read and highly recommended. -- Lesley-Anne Turner, Cyber Compliance, CDDO, Cabinet Office\u003cbr\u003eThe style and structure makes it an ideal book for students as it covers all the important topics, from the fundamentals of information security such as the CIA model, through to organisational issues (policies and disaster recovery), legal requirements and security standards. Terminology is clearly explained and supported with current, real-world examples. It is a most valuable resource. -- Richard Hind MSc MBCS FHEA, Tutor of Digital Technologies, York College\u003cbr\u003eThis book gives a good insight into cyber security, with modern day examples and practical guidance on how to proactively mitigate against risks. This will definitely be a book I refer to frequently. -- Bianca Christian, Business Analyst, Young Business Analysts (YBA)\u003cbr\u003eOn first reading this book, the biggest impression that greets the reader is that it’s NOT a technical reference book and is widely focused on the wider impact of cyber security on society as a whole. 
It is not just for technologists and treats a complex subject with just the right level of both technical and socioeconomic balance. Highly recommended. -- Adrian Winckles MBCS CITP CEng, Chair of BCS Cybercrime Forensics SG and OWASP Education Committee\u003cbr\u003eCyber Security 2e is a rich technical guide on cyber threats. Leaving no stone unturned, the first half touches on key examples and paints a clear picture of the current threat landscape that both individuals and organisations face, and the second half contains solutions. Sutton aptly spotlights a number of actions that anyone could be encouraged to practice for good personal and corporate security. -- Ester Masoapatali MBCS, Information Security Specialist, Partnerships Manager, CybSafe\u003cbr\u003eThis book is a fantastic resource for those breaking into the industry, or for non-security leaders who want to know more about the risks faced by their business. Written in an accessible manner, this second edition gives readers updated information and current examples showing the changing trends and tactics of attackers. -- Jim Wright, Managing Director, Principle Defence\u003cbr\u003eThis book is for anyone who wants to understand and learn more about cybersecurity. It provides a foundation of cybersecurity knowledge as well as essential practical skills and techniques for entry and junior-level cybersecurity roles. It is also designed to help learners in building a promising and rewarding career pathway in the cybersecurity field. -- Dr Sherif El-Gendy FBCS, Information Security Expert\u003cbr\u003eThis highly accessible second edition provides a thorough update to the world of cyber security in a non-technical manner; firstly clarifying cyber security issues and then focusing on cyber security solutions. If you are looking for a go-to reference that explains cyber security in plain language, this book is for you. 
-- Tim Clements FBCS CITP FIP CIPP\/E CIPM CIPT, Purpose and Means\u003cbr\u003eThis book demystifies what can, to many, be a rather bewildering topic, and it sets clear context and eloquently describes the landscape of threats and issues, and provides clear, actionable advice across key topics. A handy and well-written reference guide, and highly recommended reading! -- Paul Watts MBCS CITP FCIIS CISSP CISM, former CISO and Distinguished Analyst, Information Security Forum\u003cbr\u003eA thought-provoking and excellent read. Essential for cybersecurity practitioners working across numerous specialisations and at all levels of management. This blended use of theory and practical applications sets this book apart, complements industry-leading certifications and make it a must-read for anyone working within cyber. -- Gary Cocklin CITP CISSP, Senior Cyber Security Practitioner, UK Royal Air Force (RAF)\u003cbr\u003eThis book is not just for cyber professionals, it’s for everyone. This book is easy to follow and clearly articulates what cyber is and why it matters. It provides insights into why cyber-attacks occur and offers practical and technical guidance for individuals and businesses to protect themselves. This will be my go-to resource for cyber security. -- Thando Jacobs, Business Analyst, Senior Leadership Team, Young Business Analysts (YBA)\u003cbr\u003eThis book delivers a comprehensive overview of cyber security and is packed with numerous interesting, relevant examples to illustrate key points. Readers will gain insights on why they might be attacked and measures to protect against ever increasing cyber threats. Therefore I highly recommend this publication for individuals and organisations alike. -- Olu Odeniyi, Cyber Security, Information Security and Digital Transformation Advisor, Thought Leader and Speaker\u003cbr\u003eEasy to follow, digestible and highly relevant for the world we live in today. 
Not just for cybersecurity professionals, business continuity practitioners will gain valuable insight as well as hints and tips on what cybersecurity aspects to consider when developing business continuity plans and response arrangements. -- Hilary Estall MBCI, IRCA BCMS Principal Auditor, Business Continuity Practitioner, Director Perpetual Solutions\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e\u003cstrong\u003ePreface\u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003e1. Introduction \u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003e2. The big issues \u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003e3. Cyber targets \u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003e4. Cyber vulnerabilities and impacts\u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003e5. Cyber threats\u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003e6. Risk management overview\u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003e7. Business continuity \u0026amp; disaster recovery\u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003e8. Basic cyber security steps\u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003e9. Organisational security steps\u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003e10. Awareness and training\u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003e11. 
Information sharing\u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003eBibliography\u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003eAppendix A - Standards\u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003eAppendix B - Good practice guidelines\u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003eAppendix C - Cyber security law\u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003eAppendix D - Cyber security training\u003c\/strong\u003e\u003c\/p\u003e \u003cp\u003e\u003cstrong\u003eAppendix E - Links to other useful organisations\u003c\/strong\u003e\u003c\/p\u003e","brand":"BCS Learning \u0026 Development Limited","offers":[{"title":"Default Title","offer_id":48868182851927,"sku":"9781780175959","price":999.99,"currency_code":"GBP","in_stock":false}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781780175959.jpg?v=1722286783"},{"product_id":"the-art-of-attack-9781119805465","title":"The Art of Attack","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eAbout the Author v\u003c\/p\u003e \u003cp\u003eAcknowledgments vii\u003c\/p\u003e \u003cp\u003eIntroduction xv\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart I: the Attacker Mindset 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 1: What Is the Attacker Mindset? 3\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eUsing the Mindset 6\u003c\/p\u003e \u003cp\u003eThe Attacker and the Mindset 9\u003c\/p\u003e \u003cp\u003eAMs Is a Needed Set of Skills 11\u003c\/p\u003e \u003cp\u003eA Quick Note on Scope 13\u003c\/p\u003e \u003cp\u003eSummary 16\u003c\/p\u003e \u003cp\u003eKey Message 16\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 2: Offensive vs. 
Defensive Attacker Mindset 17\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe Offensive Attacker Mindset 20\u003c\/p\u003e \u003cp\u003eComfort and Risk 22\u003c\/p\u003e \u003cp\u003ePlanning Pressure and Mental Agility 23\u003c\/p\u003e \u003cp\u003eEmergency Conditioning 26\u003c\/p\u003e \u003cp\u003eDefensive Attacker Mindset 31\u003c\/p\u003e \u003cp\u003eConsistency and Regulation 31\u003c\/p\u003e \u003cp\u003eAnxiety Control 32\u003c\/p\u003e \u003cp\u003eRecovery, Distraction, and Maintenance 34\u003c\/p\u003e \u003cp\u003eOAMs and DAMs Come Together 35\u003c\/p\u003e \u003cp\u003eSummary 35\u003c\/p\u003e \u003cp\u003eKey Message 36\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 3: The Attacker Mindset Framework 37\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eDevelopment 39\u003c\/p\u003e \u003cp\u003ePhase 1 43\u003c\/p\u003e \u003cp\u003ePhase 2 47\u003c\/p\u003e \u003cp\u003eApplication 48\u003c\/p\u003e \u003cp\u003ePreloading 51\u003c\/p\u003e \u003cp\u003e“Right Time, Right Place” Preload 51\u003c\/p\u003e \u003cp\u003eEthics 52\u003c\/p\u003e \u003cp\u003eIntellectual Ethics 53\u003c\/p\u003e \u003cp\u003eReactionary Ethics 53\u003c\/p\u003e \u003cp\u003eSocial Engineering and Security 57\u003c\/p\u003e \u003cp\u003eSocial Engineering vs. 
AMs 59\u003c\/p\u003e \u003cp\u003eSummary 60\u003c\/p\u003e \u003cp\u003eKey Message 60\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart II: the Laws and Skills 63\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 4: The Laws 65\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eLaw 1: Start with the End in Mind 65\u003c\/p\u003e \u003cp\u003eEnd to Start Questions 66\u003c\/p\u003e \u003cp\u003eRobbing a Bank 68\u003c\/p\u003e \u003cp\u003eBringing It All together 70\u003c\/p\u003e \u003cp\u003eThe Start of the End 71\u003c\/p\u003e \u003cp\u003eClarity 71\u003c\/p\u003e \u003cp\u003eEfficiency 72\u003c\/p\u003e \u003cp\u003eThe Objective 72\u003c\/p\u003e \u003cp\u003eHow to Begin with the End in Mind 73\u003c\/p\u003e \u003cp\u003eLaw 2: Gather, Weaponize, and Leverage Information 75\u003c\/p\u003e \u003cp\u003eLaw 3: Never Break Pretext 77\u003c\/p\u003e \u003cp\u003eLaw 4: Every Move Made Benefits the Objective 80\u003c\/p\u003e \u003cp\u003eSummary 81\u003c\/p\u003e \u003cp\u003eKey Message 82\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 5: Curiosity, Persistence, and Agility 83\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eCuriosity 86\u003c\/p\u003e \u003cp\u003eThe Exercise: Part 1 87\u003c\/p\u003e \u003cp\u003eThe Exercise: Part 2 89\u003c\/p\u003e \u003cp\u003ePersistence 92\u003c\/p\u003e \u003cp\u003eSkills and Common Sense 95\u003c\/p\u003e \u003cp\u003eProfessional Common Sense 95\u003c\/p\u003e \u003cp\u003eSummary 98\u003c\/p\u003e \u003cp\u003eKey Message 98\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 6: Information Processing: Observation and Thinking Techniques 99\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eYour Brain vs. Your Observation 102\u003c\/p\u003e \u003cp\u003eObservation vs. Heuristics 107\u003c\/p\u003e \u003cp\u003eHeuristics 107\u003c\/p\u003e \u003cp\u003eBehold Linda 108\u003c\/p\u003e \u003cp\u003eObservation vs. 
Intuition 109\u003c\/p\u003e \u003cp\u003eUsing Reasoning and Logic 112\u003c\/p\u003e \u003cp\u003eObserving People 114\u003c\/p\u003e \u003cp\u003eObservation Exercise 116\u003c\/p\u003e \u003cp\u003eAMs and Observation 122\u003c\/p\u003e \u003cp\u003eTying It All Together 123\u003c\/p\u003e \u003cp\u003eCritical and Nonlinear Thinking 124\u003c\/p\u003e \u003cp\u003eVector vs. Arc 127\u003c\/p\u003e \u003cp\u003eEducation and Critical Thinking 128\u003c\/p\u003e \u003cp\u003eWorkplace Critical Thinking 128\u003c\/p\u003e \u003cp\u003eCritical Thinking and Other Psychological Constructs 129\u003c\/p\u003e \u003cp\u003eCritical Thinking Skills 130\u003c\/p\u003e \u003cp\u003eNonlinear Thinking 131\u003c\/p\u003e \u003cp\u003eTying Them Together 132\u003c\/p\u003e \u003cp\u003eSummary 133\u003c\/p\u003e \u003cp\u003eKey Message 134\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 7: Information Processing in Practice 135\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eReconnaissance 136\u003c\/p\u003e \u003cp\u003eRecon: Passive 145\u003c\/p\u003e \u003cp\u003eRecon: Active 149\u003c\/p\u003e \u003cp\u003eOsint 150\u003c\/p\u003e \u003cp\u003eOSINT Over the Years 150\u003c\/p\u003e \u003cp\u003eIntel Types 153\u003c\/p\u003e \u003cp\u003eAlternative Data in OSINT 154\u003c\/p\u003e \u003cp\u003eSignal vs. 
Noise 155\u003c\/p\u003e \u003cp\u003eWeaponizing of Information 158\u003c\/p\u003e \u003cp\u003eTying Back to the Objective 160\u003c\/p\u003e \u003cp\u003eSummary 170\u003c\/p\u003e \u003cp\u003eKey Message 170\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart III: Tools and Anatomy 171\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 8: Attack Strategy 173\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAttacks in Action 175\u003c\/p\u003e \u003cp\u003eStrategic Environment 177\u003c\/p\u003e \u003cp\u003eThe Necessity of Engagement and Winning 179\u003c\/p\u003e \u003cp\u003eThe Attack Surface 183\u003c\/p\u003e \u003cp\u003eVulnerabilities 183\u003c\/p\u003e \u003cp\u003eAMs Applied to the Attack Vectors 184\u003c\/p\u003e \u003cp\u003ePhishing 184\u003c\/p\u003e \u003cp\u003eMass Phish 185\u003c\/p\u003e \u003cp\u003eSpearphish 186\u003c\/p\u003e \u003cp\u003eWhaling 187\u003c\/p\u003e \u003cp\u003eVishing 190\u003c\/p\u003e \u003cp\u003eSmishing\/Smshing 195\u003c\/p\u003e \u003cp\u003eImpersonation 196\u003c\/p\u003e \u003cp\u003ePhysical 199\u003c\/p\u003e \u003cp\u003eBack to the Manhattan Bank 200\u003c\/p\u003e \u003cp\u003eSummary 203\u003c\/p\u003e \u003cp\u003eKey Message 203\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 9: Psychology in Attacks 205\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSetting The Scene: Why Psychology Matters 205\u003c\/p\u003e \u003cp\u003eEgo Suspension, Humility \u0026amp; Asking for Help 210\u003c\/p\u003e \u003cp\u003eHumility 215\u003c\/p\u003e \u003cp\u003eAsking for Help 216\u003c\/p\u003e \u003cp\u003eIntroducing the Target- Attacker Window Model 217\u003c\/p\u003e \u003cp\u003eFour TAWM Regions 218\u003c\/p\u003e \u003cp\u003eTarget Psychology 221\u003c\/p\u003e \u003cp\u003eOptimism Bias 225\u003c\/p\u003e \u003cp\u003eConfirmation Bias and Motivated Reasoning 228\u003c\/p\u003e \u003cp\u003eFraming Effect 231\u003c\/p\u003e \u003cp\u003eThin- Slice Assessments 233\u003c\/p\u003e \u003cp\u003eDefault to 
Truth 236\u003c\/p\u003e \u003cp\u003eSummary 239\u003c\/p\u003e \u003cp\u003eKey Message 239\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart IV: AFTER AMs 241\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 10: Staying Protected— The Individual 243\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAttacker Mindset for Ordinary People 243\u003c\/p\u003e \u003cp\u003eBehavioral Security 246\u003c\/p\u003e \u003cp\u003eAmygdala Hijacking 250\u003c\/p\u003e \u003cp\u003eAnalyze Your Attack Surface 252\u003c\/p\u003e \u003cp\u003eSummary 256\u003c\/p\u003e \u003cp\u003eKey Message 256\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 11: Staying Protected— The Business 257\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIndicators of Attack 258\u003c\/p\u003e \u003cp\u003eNontechnical Measures 258\u003c\/p\u003e \u003cp\u003eTesting and Red Teams 261\u003c\/p\u003e \u003cp\u003eSurvivorship Bias 261\u003c\/p\u003e \u003cp\u003eThe Complex Policy 263\u003c\/p\u003e \u003cp\u003eProtection 264\u003c\/p\u003e \u003cp\u003eAntifragile 264\u003c\/p\u003e \u003cp\u003eThe Full Spectrum of Crises 266\u003c\/p\u003e \u003cp\u003eAMs on the Spectrum 268\u003c\/p\u003e \u003cp\u003eFinal Thoughts 269\u003c\/p\u003e \u003cp\u003eSummary 270\u003c\/p\u003e \u003cp\u003eKey Message 271\u003c\/p\u003e \u003cp\u003eIndex 273\u003c\/p\u003e","brand":"John Wiley \u0026 Sons Inc","offers":[{"title":"Default Title","offer_id":49407158288727,"sku":"9781119805465","price":19.54,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781119805465.jpg?v=1730498375"},{"product_id":"ransomware-protection-playbook-9781119849124","title":"Ransomware Protection Playbook","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eAvoid becoming the next ransomware victim by taking practical steps today Colonial Pipeline. CWT Global. Brenntag. Travelex. The list of ransomware victims is long, distinguished, and sophisticated. 
And it's growing longer every day.    In Ransomware Protection Playbook, computer security veteran and expert penetration tester Roger A. Grimes delivers an actionable blueprint for organizations seeking a robust defense against one of the most insidious and destructive IT threats currently in the wild. You'll learn about concrete steps you can take now to protect yourself or your organization from ransomware attacks.    In addition to walking you through the necessary technical preventative measures, this critical book will show you how to:\u003cbr\u003eQuickly detect an attack, limit the damage, and decide whether to pay the ransom\u003cbr\u003eImplement a pre-set game plan in the event of a game-changing security breach to help limit the reputational and financial damage\u003cbr\u003eLay down a secure foundation of cybersecurit\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eAcknowledgments xi\u003c\/p\u003e \u003cp\u003eIntroduction xxi\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart I: \u003c\/b\u003e\u003cb\u003eIntroduction 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 1: \u003c\/b\u003e\u003cb\u003eIntroduction to Ransomware 3\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eHow Bad is the Problem? 4\u003c\/p\u003e \u003cp\u003eVariability of Ransomware Data 5\u003c\/p\u003e \u003cp\u003eTrue Costs of Ransomware 7\u003c\/p\u003e \u003cp\u003eTypes of Ransomware 9\u003c\/p\u003e \u003cp\u003eFake Ransomware 10\u003c\/p\u003e \u003cp\u003eImmediate Action vs. Delayed 14\u003c\/p\u003e \u003cp\u003eAutomatic or Human-Directed 17\u003c\/p\u003e \u003cp\u003eSingle Device Impacts or More 18\u003c\/p\u003e \u003cp\u003eRansomware Root Exploit 19\u003c\/p\u003e \u003cp\u003eFile Encrypting vs. Boot Infecting 21\u003c\/p\u003e \u003cp\u003eGood vs. Bad Encryption 22\u003c\/p\u003e \u003cp\u003eEncryption vs. 
More Payloads 23\u003c\/p\u003e \u003cp\u003eRansomware as a Service 30\u003c\/p\u003e \u003cp\u003eTypical Ransomware Process and Components 32\u003c\/p\u003e \u003cp\u003eInfiltrate 32\u003c\/p\u003e \u003cp\u003eAfter Initial Execution 34\u003c\/p\u003e \u003cp\u003eDial-Home 34\u003c\/p\u003e \u003cp\u003eAuto-Update 37\u003c\/p\u003e \u003cp\u003eCheck for Location 38\u003c\/p\u003e \u003cp\u003eInitial Automatic Payloads 39\u003c\/p\u003e \u003cp\u003eWaiting 40\u003c\/p\u003e \u003cp\u003eHacker Checks C\u0026amp;C 40\u003c\/p\u003e \u003cp\u003eMore Tools Used 40\u003c\/p\u003e \u003cp\u003eReconnaissance 41\u003c\/p\u003e \u003cp\u003eReadying Encryption 42\u003c\/p\u003e \u003cp\u003eData Exfiltration 43\u003c\/p\u003e \u003cp\u003eEncryption 44\u003c\/p\u003e \u003cp\u003eExtortion Demand 45\u003c\/p\u003e \u003cp\u003eNegotiations 46\u003c\/p\u003e \u003cp\u003eProvide Decryption Keys 47\u003c\/p\u003e \u003cp\u003eRansomware Goes Conglomerate 48\u003c\/p\u003e \u003cp\u003eRansomware Industry Components 52\u003c\/p\u003e \u003cp\u003eSummary 55\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 2: \u003c\/b\u003e\u003cb\u003ePreventing Ransomware 57\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eNineteen Minutes to Takeover 57\u003c\/p\u003e \u003cp\u003eGood General Computer Defense Strategy 59\u003c\/p\u003e \u003cp\u003eUnderstanding How Ransomware Attacks 61\u003c\/p\u003e \u003cp\u003eThe Nine Exploit Methods All Hackers and Malware Use 62\u003c\/p\u003e \u003cp\u003eTop Root-Cause Exploit Methods of All Hackers and Malware 63\u003c\/p\u003e \u003cp\u003eTop Root-Cause Exploit Methods of Ransomware 64\u003c\/p\u003e \u003cp\u003ePreventing Ransomware 67\u003c\/p\u003e \u003cp\u003ePrimary Defenses 67\u003c\/p\u003e \u003cp\u003eEverything Else 70\u003c\/p\u003e \u003cp\u003eUse Application Control 70\u003c\/p\u003e \u003cp\u003eAntivirus Prevention 73\u003c\/p\u003e \u003cp\u003eSecure Configurations 74\u003c\/p\u003e \u003cp\u003ePrivileged Account 
Management 74\u003c\/p\u003e \u003cp\u003eSecurity Boundary Segmentation 75\u003c\/p\u003e \u003cp\u003eData Protection 76\u003c\/p\u003e \u003cp\u003eBlock USB Keys 76\u003c\/p\u003e \u003cp\u003eImplement a Foreign Russian Language 77\u003c\/p\u003e \u003cp\u003eBeyond Self-Defense 78\u003c\/p\u003e \u003cp\u003eGeopolitical Solutions 79\u003c\/p\u003e \u003cp\u003eInternational Cooperation and Law Enforcement 79\u003c\/p\u003e \u003cp\u003eCoordinated Technical Defense 80\u003c\/p\u003e \u003cp\u003eDisrupt Money Supply 81\u003c\/p\u003e \u003cp\u003eFix the Internet 81\u003c\/p\u003e \u003cp\u003eSummary 84\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 3: \u003c\/b\u003e\u003cb\u003eCybersecurity Insurance 85\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eCybersecurity Insurance Shakeout 85\u003c\/p\u003e \u003cp\u003eDid Cybersecurity Insurance Make Ransomware Worse? 90\u003c\/p\u003e \u003cp\u003eCybersecurity Insurance Policies 92\u003c\/p\u003e \u003cp\u003eWhat’s Covered by Most Cybersecurity Policies 93\u003c\/p\u003e \u003cp\u003eRecovery Costs 93\u003c\/p\u003e \u003cp\u003eRansom 94\u003c\/p\u003e \u003cp\u003eRoot-Cause Analysis 95\u003c\/p\u003e \u003cp\u003eBusiness Interruption Costs 95\u003c\/p\u003e \u003cp\u003eCustomer\/Stakeholder Notifications and Protection 96\u003c\/p\u003e \u003cp\u003eFines and Legal Investigations 96\u003c\/p\u003e \u003cp\u003eExample Cyber Insurance Policy Structure 97\u003c\/p\u003e \u003cp\u003eCosts Covered and Not Covered by Insurance 98\u003c\/p\u003e \u003cp\u003eThe Insurance Process 101\u003c\/p\u003e \u003cp\u003eGetting Insurance 101\u003c\/p\u003e \u003cp\u003eCybersecurity Risk Determination 102\u003c\/p\u003e \u003cp\u003eUnderwriting and Approval 103\u003c\/p\u003e \u003cp\u003eIncident Claim Process 104\u003c\/p\u003e \u003cp\u003eInitial Technical Help 105\u003c\/p\u003e \u003cp\u003eWhat to Watch Out For 106\u003c\/p\u003e \u003cp\u003eSocial Engineering Outs 107\u003c\/p\u003e \u003cp\u003eMake Sure 
Your Policy Covers Ransomware 107\u003c\/p\u003e \u003cp\u003eEmployee’s Mistake Involved 107\u003c\/p\u003e \u003cp\u003eWork-from-Home Scenarios 108\u003c\/p\u003e \u003cp\u003eWar Exclusion Clauses 108\u003c\/p\u003e \u003cp\u003eFuture of Cybersecurity Insurance 109\u003c\/p\u003e \u003cp\u003eSummary 111\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 4: \u003c\/b\u003e\u003cb\u003eLegal Considerations 113\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eBitcoin and Cryptocurrencies 114\u003c\/p\u003e \u003cp\u003eCan You Be in Legal Jeopardy for Paying a Ransom? 123\u003c\/p\u003e \u003cp\u003eConsult with a Lawyer 127\u003c\/p\u003e \u003cp\u003eTry to Follow the Money 127\u003c\/p\u003e \u003cp\u003eGet Law Enforcement Involved 128\u003c\/p\u003e \u003cp\u003eGet an OFAC License to Pay the Ransom 129\u003c\/p\u003e \u003cp\u003eDo Your Due Diligence 129\u003c\/p\u003e \u003cp\u003eIs It an Official Data Breach? 129\u003c\/p\u003e \u003cp\u003ePreserve Evidence 130\u003c\/p\u003e \u003cp\u003eLegal Defense Summary 130\u003c\/p\u003e \u003cp\u003eSummary 131\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart II: \u003c\/b\u003e\u003cb\u003eDetection and Recovery 133\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 5: \u003c\/b\u003e\u003cb\u003eRansomware Response Plan 135\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhy Do Response Planning? 135\u003c\/p\u003e \u003cp\u003eWhen Should a Response Plan Be Made? 136\u003c\/p\u003e \u003cp\u003eWhat Should a Response Plan Include? 136\u003c\/p\u003e \u003cp\u003eSmall Response vs. 
Large Response Threshold 137\u003c\/p\u003e \u003cp\u003eKey People 137\u003c\/p\u003e \u003cp\u003eCommunications Plan 138\u003c\/p\u003e \u003cp\u003ePublic Relations Plan 141\u003c\/p\u003e \u003cp\u003eReliable Backup 142\u003c\/p\u003e \u003cp\u003eRansom Payment Planning 144\u003c\/p\u003e \u003cp\u003eCybersecurity Insurance Plan 146\u003c\/p\u003e \u003cp\u003eWhat It Takes to Declare an Official Data Breach 147\u003c\/p\u003e \u003cp\u003eInternal vs. External Consultants 148\u003c\/p\u003e \u003cp\u003eCryptocurrency Wallet 149\u003c\/p\u003e \u003cp\u003eResponse 151\u003c\/p\u003e \u003cp\u003eChecklist 151\u003c\/p\u003e \u003cp\u003eDefinitions 153\u003c\/p\u003e \u003cp\u003ePractice Makes Perfect 153\u003c\/p\u003e \u003cp\u003eSummary 154\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 6: \u003c\/b\u003e\u003cb\u003eDetecting Ransomware 155\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhy is Ransomware So Hard to Detect? 155\u003c\/p\u003e \u003cp\u003eDetection Methods 158\u003c\/p\u003e \u003cp\u003eSecurity Awareness Training 158\u003c\/p\u003e \u003cp\u003eAV\/EDR Adjunct Detections 159\u003c\/p\u003e \u003cp\u003eDetect New Processes 160\u003c\/p\u003e \u003cp\u003eAnomalous Network Connections 164\u003c\/p\u003e \u003cp\u003eNew, Unexplained Things 166\u003c\/p\u003e \u003cp\u003eUnexplained Stoppages 167\u003c\/p\u003e \u003cp\u003eAggressive Monitoring 169\u003c\/p\u003e \u003cp\u003eExample Detection Solution 169\u003c\/p\u003e \u003cp\u003eSummary 175\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 7: \u003c\/b\u003e\u003cb\u003eMinimizing Damage 177\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eBasic Outline for Initial Ransomware Response 177\u003c\/p\u003e \u003cp\u003eStop the Spread 179\u003c\/p\u003e \u003cp\u003ePower Down or Isolate Exploited Devices 180\u003c\/p\u003e \u003cp\u003eDisconnecting the Network 181\u003c\/p\u003e \u003cp\u003eDisconnect at the Network Access Points 182\u003c\/p\u003e \u003cp\u003eSuppose You Can’t 
Disconnect the Network 183\u003c\/p\u003e \u003cp\u003eInitial Damage Assessment 184\u003c\/p\u003e \u003cp\u003eWhat is Impacted? 185\u003c\/p\u003e \u003cp\u003eEnsure Your Backups Are Still Good 186\u003c\/p\u003e \u003cp\u003eCheck for Signs of Data and Credential Exfiltration 186\u003c\/p\u003e \u003cp\u003eCheck for Rogue Email Rules 187\u003c\/p\u003e \u003cp\u003eWhat Do You Know About the Ransomware? 187\u003c\/p\u003e \u003cp\u003eFirst Team Meeting 188\u003c\/p\u003e \u003cp\u003eDetermine Next Steps 189\u003c\/p\u003e \u003cp\u003ePay the Ransom or Not? 190\u003c\/p\u003e \u003cp\u003eRecover or Rebuild? 190\u003c\/p\u003e \u003cp\u003eSummary 193\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 8: \u003c\/b\u003e\u003cb\u003eEarly Responses 195\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhat Do You Know? 195\u003c\/p\u003e \u003cp\u003eA Few Things to Remember 197\u003c\/p\u003e \u003cp\u003eEncryption is Likely Not Your Only Problem 198\u003c\/p\u003e \u003cp\u003eReputational Harm May Occur 199\u003c\/p\u003e \u003cp\u003eFirings May Happen 200\u003c\/p\u003e \u003cp\u003eIt Could Get Worse 201\u003c\/p\u003e \u003cp\u003eMajor Decisions 202\u003c\/p\u003e \u003cp\u003eBusiness Impact Analysis 202\u003c\/p\u003e \u003cp\u003eDetermine Business Interruption Workarounds 203\u003c\/p\u003e \u003cp\u003eDid Data Exfiltration Happen? 204\u003c\/p\u003e \u003cp\u003eCan You Decrypt the Data Without Paying? 204\u003c\/p\u003e \u003cp\u003eRansomware is Buggy 205\u003c\/p\u003e \u003cp\u003eRansomware Decryption Websites 205\u003c\/p\u003e \u003cp\u003eRansomware Gang Publishes Decryption Keys 206\u003c\/p\u003e \u003cp\u003eSniff a Ransomware Key Off the Network? 
206\u003c\/p\u003e \u003cp\u003eRecovery Companies Who Lie About Decryption Key Use 207\u003c\/p\u003e \u003cp\u003eIf You Get the Decryption Keys 207\u003c\/p\u003e \u003cp\u003eSave Encrypted Data Just in Case 208\u003c\/p\u003e \u003cp\u003eDetermine Whether the Ransom Should Be Paid 209\u003c\/p\u003e \u003cp\u003eNot Paying the Ransom 209\u003c\/p\u003e \u003cp\u003ePaying the Ransom 210\u003c\/p\u003e \u003cp\u003eRecover or Rebuild Involved Systems? 212\u003c\/p\u003e \u003cp\u003eDetermine Dwell Time 212\u003c\/p\u003e \u003cp\u003eDetermine Root Cause 213\u003c\/p\u003e \u003cp\u003ePoint Fix or Time to Get Serious? 214\u003c\/p\u003e \u003cp\u003eEarly Actions 215\u003c\/p\u003e \u003cp\u003ePreserve the Evidence 215\u003c\/p\u003e \u003cp\u003eRemove the Malware 215\u003c\/p\u003e \u003cp\u003eChange All Passwords 217\u003c\/p\u003e \u003cp\u003eSummary 217\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 9: \u003c\/b\u003e\u003cb\u003eEnvironment Recovery 219\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eBig Decisions 219\u003c\/p\u003e \u003cp\u003eRecover vs. 
Rebuild 220\u003c\/p\u003e \u003cp\u003eIn What Order 221\u003c\/p\u003e \u003cp\u003eRestoring Network 221\u003c\/p\u003e \u003cp\u003eRestore IT Security Services 223\u003c\/p\u003e \u003cp\u003eRestore Virtual Machines and\/or Cloud Services 223\u003c\/p\u003e \u003cp\u003eRestore Backup Systems 224\u003c\/p\u003e \u003cp\u003eRestore Clients, Servers, Applications, Services 224\u003c\/p\u003e \u003cp\u003eConduct Unit Testing 225\u003c\/p\u003e \u003cp\u003eRebuild Process Summary 225\u003c\/p\u003e \u003cp\u003eRecovery Process Summary 228\u003c\/p\u003e \u003cp\u003eRecovering a Windows Computer 229\u003c\/p\u003e \u003cp\u003eRecovering\/Restoring Microsoft Active Directory 231\u003c\/p\u003e \u003cp\u003eSummary 233\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 10: \u003c\/b\u003e\u003cb\u003eNext Steps 235\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eParadigm Shifts 235\u003c\/p\u003e \u003cp\u003eImplement a Data-Driven Defense 236\u003c\/p\u003e \u003cp\u003eFocus on Root Causes 238\u003c\/p\u003e \u003cp\u003eRank Everything! 
239\u003c\/p\u003e \u003cp\u003eGet and Use Good Data 240\u003c\/p\u003e \u003cp\u003eHeed Growing Threats More 241\u003c\/p\u003e \u003cp\u003eRow the Same Direction 241\u003c\/p\u003e \u003cp\u003eFocus on Social Engineering Mitigation 242\u003c\/p\u003e \u003cp\u003eTrack Processes and Network Traffic 243\u003c\/p\u003e \u003cp\u003eImprove Overall Cybersecurity Hygiene 243\u003c\/p\u003e \u003cp\u003eUse Multifactor Authentication 243\u003c\/p\u003e \u003cp\u003eUse a Strong Password Policy 244\u003c\/p\u003e \u003cp\u003eSecure Elevated Group Memberships 246\u003c\/p\u003e \u003cp\u003eImprove Security Monitoring 247\u003c\/p\u003e \u003cp\u003eSecure PowerShell 247\u003c\/p\u003e \u003cp\u003eSecure Data 248\u003c\/p\u003e \u003cp\u003eSecure Backups 249\u003c\/p\u003e \u003cp\u003eSummary 250\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 11: \u003c\/b\u003e\u003cb\u003eWhat Not to Do 251\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAssume You Can’t Be a Victim 251\u003c\/p\u003e \u003cp\u003eThink That One Super-Tool Can Prevent an Attack 252\u003c\/p\u003e \u003cp\u003eAssume Too Quickly Your Backup is Good 252\u003c\/p\u003e \u003cp\u003eUse Inexperienced Responders 253\u003c\/p\u003e \u003cp\u003eGive Inadequate Considerations to Paying Ransom 254\u003c\/p\u003e \u003cp\u003eLie to Attackers 255\u003c\/p\u003e \u003cp\u003eInsult the Gang by Suggesting Tiny Ransom 255\u003c\/p\u003e \u003cp\u003ePay the Whole Amount Right Away 256\u003c\/p\u003e \u003cp\u003eArgue with the Ransomware Gang 257\u003c\/p\u003e \u003cp\u003eApply Decryption Keys to Your Only Copy 257\u003c\/p\u003e \u003cp\u003eNot Care About Root Cause 257\u003c\/p\u003e \u003cp\u003eKeep Your Ransomware Response Plan Online Only 258\u003c\/p\u003e \u003cp\u003eAllow a Team Member to Go Rogue 258\u003c\/p\u003e \u003cp\u003eAccept a Social Engineering Exclusion in Your Cyber-Insurance Policy 259\u003c\/p\u003e \u003cp\u003eSummary 259\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 12: 
\u003c\/b\u003e\u003cb\u003eFuture of Ransomware 261\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFuture of Ransomware 261\u003c\/p\u003e \u003cp\u003eAttacks Beyond Traditional Computers 262\u003c\/p\u003e \u003cp\u003eIoT Ransoms 264\u003c\/p\u003e \u003cp\u003eMixed-Purpose Hacking Gangs 265\u003c\/p\u003e \u003cp\u003eFuture of Ransomware Defense 267\u003c\/p\u003e \u003cp\u003eFuture Technical Defenses 267\u003c\/p\u003e \u003cp\u003eRansomware Countermeasure Apps and Features 267\u003c\/p\u003e \u003cp\u003eAI Defense and Bots 268\u003c\/p\u003e \u003cp\u003eStrategic Defenses 269\u003c\/p\u003e \u003cp\u003eFocus on Mitigating Root Causes 269\u003c\/p\u003e \u003cp\u003eGeopolitical Improvements 269\u003c\/p\u003e \u003cp\u003eSystematic Improvements 270\u003c\/p\u003e \u003cp\u003eUse Cyber Insurance as a Tool 270\u003c\/p\u003e \u003cp\u003eImprove Internet Security Overall 271\u003c\/p\u003e \u003cp\u003eSummary 271\u003c\/p\u003e \u003cp\u003eParting Words 272\u003c\/p\u003e \u003cp\u003eIndex 273\u003c\/p\u003e","brand":"John Wiley \u0026 Sons Inc","offers":[{"title":"Default Title","offer_id":49407170642263,"sku":"9781119849124","price":18.69,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781119849124.jpg?v=1730498423"},{"product_id":"rootkits-and-bootkits-reversing-modern-malware-and-next-generation-threats-9781593277161","title":"Rootkits And Bootkits: Reversing Modern Malware","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eSecurity experts Alex Matrosov, Eugene Rodionov, and Sergey Bratus share the knowledge they've gained over years of professional research to help you counter threats. We're talking hard stuff - attacks buried deep in a machine's boot process or UEFI firmware that keep malware analysts up late at night. 
With these field notes, you'll trace malware evolution from rootkits like TDL3 to present day UEFI implants and examine how these malware infect the system, persist through reboot, and evade security software. The game is not lost.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e“This deep reference, jam-packed with code and technical information, will support an engineer or system administrator tasked with putting these vulnerabilities in their place.” \u003cbr\u003e\u003cb\u003e—Ben Rothke, Security Management\u003c\/b\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e“Alex Matrosov, Eugene Rodionov, and Sergey Bratus are experts in their field that have delivered a solid hands-on technical book. While enthralled with the stories from the trenches, I got flashbacks of my days of analyzing rootkits on SunOS and Solaris workstations about 20 years ago. It was a fun book to read.” \u003cbr\u003e\u003cb\u003e—Sven Dietrich, Cipher: the newsletter of the IEEE Computer Society's Technical Committee on Security and Privacy\u003cbr\u003e\u003c\/b\u003e\u003cbr\u003e\"I enjoyed reading the book and learning about the malware, even if it was not particularly relevant to me, as 'I don’t do Windows.' 
Still, there’s more than enough here that’s relevant to Linux users, as malware writers are now turning their attention to Linux servers.\" \u003cbr\u003e\u003cb\u003e—Rik Farrow, USENIX ;login: magazine\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003c\/b\u003e\"[A] seminal book that explains how to understand and counter sophisticated, advanced threats buried deep in a machine’s boot process or UEFI firmware.\" \u003cbr\u003e\u003cb\u003e—Business Wire\u003c\/b\u003e","brand":"No Starch Press,US","offers":[{"title":"Default Title","offer_id":49410454192471,"sku":"9781593277161","price":35.99,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781593277161.jpg?v=1730510286"},{"product_id":"malware-data-science-attack-detection-and-attribution-9781593278595","title":"Malware Data Science: Attack, Detection, and","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eSecurity has become a 'big data' problem. The growth rate of malware has accelerated to tens of millions of new files per year while our networks generate an ever-larger flood of security-relevant data each day. In order to defend against these advanced attacks, you'll need to know how to think like a data scientist. 
In Malware Data Science, security data scientist Joshua Saxe introduces machine learning, statistics, social network analysis, and data visualisation, and shows you how to apply these methods to malware detection and analysis.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e\"For those looking to become a security data scientist, or just want to get a comprehensive understanding of how to use data science to deal with malicious software, \u003ci\u003eMalware Data Science\u003c\/i\u003e is a superb reference.\" \u003cbr\u003e\u003cb\u003e—Ben Rothke, \u003ci\u003eRSA Conference\u003c\/i\u003e\u003cbr\u003e\u003c\/b\u003e\u003cbr\u003e\u003cbr\u003e\"If you are new to data science or machine learning, this book provides an excellent introduction to these topics.\"\u003cbr\u003e\u003cb\u003e —DMFR Security\u003c\/b\u003e","brand":"No Starch Press,US","offers":[{"title":"Default Title","offer_id":49410454782295,"sku":"9781593278595","price":40.79,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781593278595.jpg?v=1730510289"},{"product_id":"practical-binary-analysis-build-your-own-linux-tools-for-binary-instrumentation-analysis-and-disassembly-9781593279127","title":"Practical Binary Analysis: Build Your Own Linux","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003ePractical Binary Analysis is the first book of its kind to present advanced binary analysis topics in an accessible way. After an introduction on the basics of binary formats, disassembly, and code injection, you'll dive into more complex topics such as binary instrumentation, dynamic taint analysis, and symbolic execution. 
By the end of the book, you'll be able to build your own binary analysis tools on Linux by following hands-on and practical examples.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e\"Dennis Andriesse has put together a book that combines the necessary knowledge and tools enabling the reader to grasp not only the fundamentals of binary analysis, but also to put the newfound knowledge to the test in practical and illustrative examples of binary analysis.\"\u003cbr\u003e\u003cb\u003e—Sven Dietrich, Cipher: the newsletter of the IEEE Computer Society's Technical Committee on Security and Privacy\u003cbr\u003e\u003c\/b\u003e\u003cbr\u003e\"This book is...one that deserves the title of deep dive. There is no waste anywhere—just lean, mean, information.\"\u003cbr\u003e\u003cb\u003e—Full Circle Magazine\u003cbr\u003e\u003c\/b\u003e\u003cbr\u003e\"If you want to reverse engineer some code, learn to be a white hat hacker or a black hat hacker then it's well worth reading.\"\u003cbr\u003e\u003cb\u003e—I Programmer\u003cbr\u003e\u003c\/b\u003e\u003cbr\u003e\"Explains the subject in a straightforward and concise way! The author is a very knowledgeable security researcher and his work is state of the art!\"\u003cbr\u003e\u003cb\u003e—Nucu Labs\u003cbr\u003e\u003c\/b\u003e\u003cbr\u003e“This book reads like a workshop that teaches readers what tools exist for both Linux and Windows and how to string them together to write tools for reverse engineering binaries . . . 
if you are well versed in programming, this book will still teach you a good approach at tackling many problems with binary analysis.”\u003cbr\u003e\u003cb\u003e—John Skandalakis, Software Engineer, Tripwire\u003c\/b\u003e","brand":"No Starch Press,US","offers":[{"title":"Default Title","offer_id":49410455109975,"sku":"9781593279127","price":35.99,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781593279127.jpg?v=1730510290"},{"product_id":"the-art-of-mac-malware-the-guide-to-analyzing-malicious-software-9781718501942","title":"The Art Of Mac Malware: The Guide to Analyzing","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eWritten by leading macOS threat analyst Patrick Wardle, The Art of Mac Malware Analysis covers the knowledge and hands-on skills required to analyze Mac malware. Using real-world examples and references to original research, Part 1 surveys the malware's various infection methods, persistence mechanisms, and capabilities. In Part 2, you'll learn about the static and dynamic analysis tools and techniques needed to examine malware you may find in the wild. Finally, you'll put these lessons into practice by walking through a comprehensive analysis of a complex Mac malware specimen (Part 3).\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e\"[\u003ci\u003eThe Art of Mac Malware\u003c\/i\u003e] serves as a valuable resource for anyone looking to level up their skills to stay on top of the latest macOS threats. Patrick's approachable, educating writing style and extensive knowledge in this field made him the ideal author to write this book.\"\u003cbr\u003e\u003cb\u003e—Maria Markstedter, @Fox0x01, \u003ci\u003eForbes\u003c\/i\u003e Person Of The Year In Cybersecurity\u003cbr\u003e\u003cbr\u003e\u003c\/b\u003e\"Mac doesn’t face the same level of malware threat that Windows users experience. 
However, it is possible to create malware for macOS and the excellent book, \u003ci\u003eThe Art of Mac Malware\u003c\/i\u003e, goes into a lot of detail.\"\u003cb\u003e\u003cbr\u003e—Security Boulevard\u003c\/b\u003e\u003cbr\u003e\u003cbr\u003e\"Awesome job keeping readers hooked.\"\u003cbr\u003e\u003cb\u003e—Tony Lambert, @ForensicITGuy\u003c\/b\u003e\u003cbr\u003e\u003cbr\u003e\"An awesome researcher writing for my favorite publisher . . . If you’re interested in Mac malware, I highly recommend!\"\u003cbr\u003e\u003cb\u003e—Francisco Donoso, @Francisckrs\u003c\/b\u003e","brand":"No Starch Press,US","offers":[{"title":"Default Title","offer_id":49411443523927,"sku":"9781718501942","price":35.99,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781718501942.jpg?v=1730513605"},{"product_id":"gray-day-gray-day-my-undercover-mission-to-expose-americas-first-cyber-spy-my-undercover-mission-to-expose-americas-first-cyber-spy-9780525573531","title":"Gray Day Gray Day My Undercover Mission to Expose","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eA cybersecurity expert and former FBI “ghost” tells the thrilling story of how he helped take down notorious FBI mole Robert Hanssen, the first Russian cyber spy.\u003cbr\u003e\u003c\/b\u003e\u003cbr\u003e\u003cb\u003e“Both a real-life, tension-packed thriller and a persuasive argument for traditional intelligence work in the information age.”—Bruce Schneier, \u003ci\u003eNew York Times \u003c\/i\u003ebestselling author of \u003ci\u003eData and Goliath\u003c\/i\u003e and \u003ci\u003eClick Here to Kill Everybody\u003c\/i\u003e\u003c\/b\u003e\u003cbr\u003e\u003cbr\u003eEric O’Neill was only twenty-six when he was tapped for the case of a lifetime: a one-on-one undercover investigation of the FBI’s top target, a man suspected of spying for the Russians for nearly two decades, giving up nuclear secrets, compromising intelligence, 
and betraying US assets. With zero training in face-to-face investigation, O’Neill found himself in a windowless, high-security office in the newly formed Information Assurance Section, tasked officially with helping the FBI secure its outdated","brand":"Random House USA Inc","offers":[{"title":"Default Title","offer_id":49525501395287,"sku":"9780525573531","price":13.29,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9780525573531.jpg?v=1731860757"},{"product_id":"blue-team-operations-operatonal-security-incident-response-digital-forensics-9781839385612","title":"Blue Team Operations: Operatonal Security,","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e","brand":"Pastor Publishing Ltd","offers":[{"title":"Default Title","offer_id":49535731466583,"sku":"9781839385612","price":999.99,"currency_code":"GBP","in_stock":false}]},{"product_id":"from-exposed-to-secure-9781636983851","title":"From Exposed to Secure","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp class=\"p1\"\u003e\u003cb\u003e\u003ci\u003eFrom Exposed To Secure\u003c\/i\u003e reveals the everyday threats that are putting your company in danger and where to focus your resources to eliminate exposure and minimize risk. \u003c\/b\u003e\u003c\/p\u003e\u003cp class=\"p1\"\u003eTop cybersecurity and compliance professionals from around the world share their decades of experience in utilizing data protection regulations and complete security measures to protect your company from fines, lawsuits, loss of revenue, operation disruption or destruction, intellectual property theft, and reputational damage.   
\u003c\/p\u003e\u003cp class=\"p1\"\u003e\u003ci\u003eFrom Exposed To Secure\u003c\/i\u003e delivers the crucial, smart steps every business must take to protect itself against the increasingly prevalent and sophisticated cyberthreats that can destroy your company - including phishing, the Internet of Things, insider threats, ransomware, supply chain, and zero-day.\u003cspan class=\"Apple-converted-space\"\u003e \u003c\/span\u003e\u003c\/p\u003e","brand":"Morgan James Publishing llc","offers":[{"title":"Default Title","offer_id":51020172591447,"sku":"9781636983851","price":13.25,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781636983851.jpg?v=1750782650"},{"product_id":"metasploit-for-beginners-9781788295970","title":"Metasploit for Beginners","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eCovering all aspects of the framework from installation, configuration, and vulnerability hunting to advanced client side attacks and anti-forensics, this book carries out penetration testing in highly-secured environments with Metasploit. It helps you learn to bypass different defenses to gain access into different systems.","brand":"Packt Publishing Limited","offers":[{"title":"Default Title","offer_id":51020481528151,"sku":"9781788295970","price":26.59,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781788295970.jpg?v=1750783537"},{"product_id":"technological-turf-wars-a-case-study-of-the-computer-antivirus-industry-9781592138821","title":"Technological Turf Wars: A Case Study of the","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eExploring computer security as both a social and technical problem\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e\u003ci\u003e\"Johnston presents the ways antivirus workers think in fascinating detail. 
She is very astute and effective in analyzing and explicating the underlying assumptions of their logic. Technological Turf Wars is insightful, interesting, and it unfolds in ways that are quite surprising. Johnston demonstrates that this industry is as much a social world as it is a technical world.\"\u003c\/i\u003e\u003cbr\u003e—\u003cb\u003eJohn L. Caughey\u003c\/b\u003e, Professor of American Studies, University of Maryland, College Park\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eAcknowledgements \u003cbr\u003eIntroduction \u003cbr\u003e1. Naming the Threat \u003cbr\u003e2. Security Transformations \u003cbr\u003e3. Trust, Networks, and the Transformation of Organizational Power \u003cbr\u003e4. IT Corporate Customers as End Users \u003cbr\u003e5. Marketing Services \u003cbr\u003e6. Situated Exclusions and Reinforced Power \u003cbr\u003eWorks Cited \u003cbr\u003eIndex\u003c\/p\u003e","brand":"Temple University Press,U.S.","offers":[{"title":"Default Title","offer_id":51041556889943,"sku":"9781592138821","price":999.99,"currency_code":"GBP","in_stock":false}]},{"product_id":"technological-turf-wars-a-case-study-of-the-antivirus-industry-9781592138814","title":"Technological Turf Wars: A Case Study of the","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eExploring computer security as both a social and technical problem\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e\u003ci\u003e\"Johnston presents the ways antivirus workers think in fascinating detail. She is very astute and effective in analyzing and explicating the underlying assumptions of their logic. Technological Turf Wars is insightful, interesting, and it unfolds in ways that are quite surprising. Johnston demonstrates that this industry is as much a social world as it is a technical world.\"\u003c\/i\u003e\u003cbr\u003e—\u003cb\u003eJohn L. 
Caughey\u003c\/b\u003e, Professor of American Studies, University of Maryland, College Park\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003eAcknowledgements \u003cbr\u003eIntroduction \u003cbr\u003e1. Naming the Threat \u003cbr\u003e2. Security Transformations \u003cbr\u003e3. Trust, Networks, and the Transformation of Organizational Power \u003cbr\u003e4. IT Corporate Customers as End Users \u003cbr\u003e5. Marketing Services \u003cbr\u003e6. Situated Exclusions and Reinforced Power \u003cbr\u003eWorks Cited \u003cbr\u003eIndex","brand":"Temple University Press,U.S.","offers":[{"title":"Default Title","offer_id":51041557119319,"sku":"9781592138814","price":999.99,"currency_code":"GBP","in_stock":false}]},{"product_id":"7-rules-to-become-exceptional-at-cyber-security-9780648662389","title":"7 Rules To Become Exceptional At Cyber Security","description":"","brand":"Chirag Joshi","offers":[{"title":"Default Title","offer_id":52084047741271,"sku":"9780648662389","price":16.59,"currency_code":"GBP","in_stock":true}]},{"product_id":"redes-de-ordenadores-y-ciberseguridad-una-guia-sobre-los-sistemas-de-comunicacion-las-conexiones-a-internet-la-seguridad-de-las-redes-proteccion-contra-el-hackeo-y-las-amenazas-de-ciberseguridad-9781638180494","title":"Redes de ordenadores y ciberseguridad: Una guía sobre los sistemas de comunicación, las conexiones a Internet, la seguridad de las redes, protección contra el hackeo y las amenazas de ciberseguridad","description":"","brand":"Primasta","offers":[{"title":"Default Title","offer_id":52085244690775,"sku":"9781638180494","price":22.49,"currency_code":"GBP","in_stock":true}]},{"product_id":"stuxnet-the-revenge-of-malware-how-the-discovery-of-malware-from-the-stuxnet-family-led-to-the-u-s-government-ban-of-kaspersky-lab-anti-virus-software-9781689661775","title":"Stuxnet: The Revenge of Malware: How the Discovery of Malware from the Stuxnet Family Led to the U.S. 
Government Ban of Kaspersky Lab Anti-Virus Software","description":"","brand":"Independently Published","offers":[{"title":"Default Title","offer_id":52085393031511,"sku":"9781689661775","price":10.86,"currency_code":"GBP","in_stock":true}]},{"product_id":"computer-security-a-hands-on-approach-9781733003957","title":"Computer Security: A Hands-on Approach","description":"","brand":"Wenliang Du","offers":[{"title":"Default Title","offer_id":52085444411735,"sku":"9781733003957","price":36.99,"currency_code":"GBP","in_stock":true}]},{"product_id":"computer-internet-security-a-hands-on-approach-9781733003940","title":"Computer \u0026 Internet Security: A Hands-on Approach","description":"","brand":"Wenliang Du","offers":[{"title":"Default Title","offer_id":52085444510039,"sku":"9781733003940","price":52.99,"currency_code":"GBP","in_stock":true}]},{"product_id":"ptfm-purple-team-field-manual-9781736526705","title":"Ptfm: Purple Team Field Manual","description":"","brand":"Pragma LLC","offers":[{"title":"Default Title","offer_id":52085460107607,"sku":"9781736526705","price":15.09,"currency_code":"GBP","in_stock":true}]},{"product_id":"cyber-essentials-a-guide-to-the-cyber-essentials-and-cyber-essentials-plus-certifications-9781787784345","title":"Cyber Essentials: A guide to the Cyber Essentials and Cyber Essentials Plus certifications","description":"","brand":"IT Governance Publishing","offers":[{"title":"Default Title","offer_id":52085539012951,"sku":"9781787784345","price":25.33,"currency_code":"GBP","in_stock":true}]},{"product_id":"cyber-resilience-defence-in-depth-principles-9781787784383","title":"Cyber resilience: Defence-in-depth principles","description":"","brand":"IT Governance Publishing","offers":[{"title":"Default 
Title","offer_id":52085539078487,"sku":"9781787784383","price":31.39,"currency_code":"GBP","in_stock":true}]},{"product_id":"purple-team-strategies-enhancing-global-security-posture-through-uniting-red-and-blue-teams-with-adversary-emulation-9781801074292","title":"Purple Team Strategies: Enhancing global security posture through uniting red and blue teams with adversary emulation","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e\u003cb\u003eLeverage cyber threat intelligence and the MITRE framework to enhance your prevention mechanisms, detection capabilities, and learn top adversarial simulation and emulation techniques\u003c\/b\u003e\u003c\/p\u003eKey Features\u003cul\u003e\n\u003cli\u003eApply real-world strategies to strengthen the capabilities of your organization's security system\u003c\/li\u003e\n\u003cli\u003eLearn to not only defend your system but also think from an attacker's perspective\u003c\/li\u003e\n\u003cli\u003eEnsure the ultimate effectiveness of an organization's red and blue teams with practical tips\u003c\/li\u003e\n\u003c\/ul\u003eBook Description\u003cp\u003eWith small to large companies focusing on hardening their security systems, the term \"purple team\" has gained a lot of traction over the last couple of years. Purple teams represent a group of individuals responsible for securing an organization's environment using both red team and blue team testing and integration – if you're ready to join or advance their ranks, then this book is for you.\u003c\/p\u003e\u003cp\u003ePurple Team Strategies will get you up and running with the exact strategies and techniques used by purple teamers to implement and then maintain a robust environment. You'll start with planning and prioritizing adversary emulation, and explore concepts around building a purple team infrastructure as well as simulating and defending against the most trendy ATT\u0026amp;CK tactics. 
You'll also dive into performing assessments and continuous testing with breach and attack simulations.\u003c\/p\u003e\u003cp\u003eOnce you've covered the fundamentals, you'll also learn tips and tricks to improve the overall maturity of your purple teaming capabilities along with measuring success with KPIs and reporting.\u003c\/p\u003e\u003cp\u003eWith the help of real-world use cases and examples, by the end of this book, you'll be able to integrate the best of both sides: red team tactics and blue team security measures.\u003c\/p\u003eWhat you will learn\u003cul\u003e\n\u003cli\u003eLearn and implement the generic purple teaming process\u003c\/li\u003e\n\u003cli\u003eUse cloud environments for assessment and automation\u003c\/li\u003e\n\u003cli\u003eIntegrate cyber threat intelligence as a process\u003c\/li\u003e\n\u003cli\u003eConfigure traps inside the network to detect attackers\u003c\/li\u003e\n\u003cli\u003eImprove red and blue team collaboration with existing and new tools\u003c\/li\u003e\n\u003cli\u003ePerform assessments of your existing security controls\u003c\/li\u003e\n\u003c\/ul\u003eWho this book is for\u003cp\u003eIf you're a cybersecurity analyst, SOC engineer, security leader or strategist, or simply interested in learning about cyber attack and defense strategies, then this book is for you. Purple team members and chief information security officers (CISOs) looking at securing their organizations from adversaries will also benefit from this book. 
You'll need some basic knowledge of Windows and Linux operating systems along with a fair understanding of networking concepts before you can jump in, while ethical hacking and penetration testing know-how will help you get the most out of this book.\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003eTable of Contents\u003col\u003e\n\u003cli\u003eContextualizing Threats and Today's Challenges\u003c\/li\u003e\n\u003cli\u003ePurple Teaming – a Generic Approach and a New Model\u003c\/li\u003e\n\u003cli\u003eCarrying Out Adversary Emulation with CTI\u003c\/li\u003e\n\u003cli\u003eThreat Management – Detecting, Hunting, and Preventing\u003c\/li\u003e\n\u003cli\u003eRed Team Infrastructure\u003c\/li\u003e\n\u003cli\u003eBlue Team – Collect\u003c\/li\u003e\n\u003cli\u003eBlue Team – Detect\u003c\/li\u003e\n\u003cli\u003eBlue Team – Correlate\u003c\/li\u003e\n\u003cli\u003ePurple Team Infrastructure\u003c\/li\u003e\n\u003cli\u003ePurple Teaming the ATT\u0026amp;CK Tactics\u003c\/li\u003e\n\u003cli\u003ePurple Teaming with BAS and Adversary Emulation\u003c\/li\u003e\n\u003cli\u003ePTX – Purple Teaming eXtended\u003c\/li\u003e\n\u003cli\u003ePTX – Automation and DevOps Approach\u003c\/li\u003e\n\u003cli\u003eExercise Wrap-Up and KPIs\u003c\/li\u003e\n\u003c\/ol\u003e","brand":"Packt Publishing Limited","offers":[{"title":"Default Title","offer_id":52085569323351,"sku":"9781801074292","price":36.37,"currency_code":"GBP","in_stock":true}]},{"product_id":"cloud-penetration-testing-for-red-teamers-learn-how-to-effectively-pentest-aws-azure-and-gcp-applications-9781803248486","title":"Cloud Penetration Testing for Red Teamers: Learn how to effectively pentest AWS, Azure, and GCP applications","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eGet to grips with cloud exploits, learn the fundamentals of cloud security, and secure your organization’s network by pentesting AWS, Azure, and GCP effectively  Key 
Features  Discover how enterprises use AWS, Azure, and GCP as well as the applications and services unique to each platform Understand the key principles of successful pentesting and its application to cloud networks, DevOps, and containerized networks (Docker and Kubernetes) Get acquainted with the penetration testing tools and security measures specific to each platform Purchase of the print or Kindle book includes a free PDF eBook  Book DescriptionWith AWS, Azure, and GCP gaining prominence, mastering their unique features, ecosystems, and penetration testing protocols has become an indispensable skill, which is precisely what this pentesting guide for cloud platforms will help you achieve. As you navigate through the chapters, you’ll explore the intricacies of cloud security testing and gain valuable insights into how pentesters and red teamers evaluate cloud environments effectively. In addition to its coverage of these cloud platforms, the book also guides you through modern methodologies for testing containerization technologies such as Docker and Kubernetes, which are fast becoming staples in the cloud ecosystem. Additionally, it places extended focus on penetration testing AWS, Azure, and GCP through serverless applications and specialized tools. These sections will equip you with the tactics and tools necessary to exploit vulnerabilities specific to serverless architecture, thus providing a more rounded skill set. 
By the end of this cloud security book, you’ll not only have a comprehensive understanding of the standard approaches to cloud penetration testing but will also be proficient in identifying and mitigating vulnerabilities that are unique to cloud environments.What you will learn  Familiarize yourself with the evolution of cloud networks Navigate and secure complex environments that use more than one cloud service Conduct vulnerability assessments to identify weak points in cloud configurations Secure your cloud infrastructure by learning about common cyber attack techniques Explore various strategies to successfully counter complex cloud attacks Delve into the most common AWS, Azure, and GCP services and their applications for businesses Understand the collaboration between red teamers, cloud administrators, and other stakeholders for cloud pentesting  Who this book is forThis book is for pentesters, aspiring pentesters, and red team members seeking specialized skills for leading cloud platforms—AWS, Azure, and GCP. 
Those working in defensive security roles will also find this book useful to extend their cloud security skills.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003eTable of Contents\u003col\u003e\n\u003cli\u003eHow Do Enterprises Utilize and Implement Cloud Networks?\u003c\/li\u003e\n\u003cli\u003eHow Are Cloud Networks Cyber Attacked?\u003c\/li\u003e\n\u003cli\u003eKey Concepts for Pentesting Today’s Cloud Networks\u003c\/li\u003e\n\u003cli\u003eSecurity Features in AWS\u003c\/li\u003e\n\u003cli\u003ePentesting AWS Features through Serverless Applications and Tools\u003c\/li\u003e\n\u003cli\u003ePentesting Containerized Applications in AWS\u003c\/li\u003e\n\u003cli\u003eSecurity Features in Azure\u003c\/li\u003e\n\u003cli\u003ePentesting Azure Features through Serverless Applications and Tools\u003c\/li\u003e\n\u003cli\u003ePentesting Containerized Applications in Azure\u003c\/li\u003e\n\u003cli\u003eSecurity Features in GCP\u003c\/li\u003e\n\u003cli\u003ePentesting GCP Features through Serverless Applications and Tools\u003c\/li\u003e\n\u003cli\u003ePentesting Containerized Applications in GCP\u003c\/li\u003e\n\u003cli\u003eBest Practices and Summary\u003c\/li\u003e\n\u003c\/ol\u003e","brand":"Packt Publishing Limited","offers":[{"title":"Default Title","offer_id":52085580693847,"sku":"9781803248486","price":36.09,"currency_code":"GBP","in_stock":true}]},{"product_id":"malware-science-a-comprehensive-guide-to-detection-analysis-and-compliance-9781804618646","title":"Malware Science: A comprehensive guide to detection, analysis, and compliance","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eUnlock the secrets of malware data science with cutting-edge techniques, AI-driven analysis, and international compliance standards to stay ahead of the ever-evolving cyber threat landscape  Key Features  Get introduced to three primary AI tactics used in malware and detection Leverage data science tools to combat 
critical cyber threats Understand regulatory requirements for using AI in cyber threat management Purchase of the print or Kindle book includes a free PDF eBook  Book DescriptionIn today's world full of online threats, the complexity of harmful software presents a significant challenge for detection and analysis. This insightful guide will teach you how to apply the principles of data science to online security, acting as both an educational resource and a practical manual for everyday use. Malware Science starts by explaining the nuances of malware, from its lifecycle to its technological aspects before introducing you to the capabilities of data science in malware detection by leveraging machine learning, statistical analytics, and social network analysis. As you progress through the chapters, you’ll explore the analytical methods of reverse engineering, machine language, dynamic scrutiny, and behavioral assessments of malicious software. You’ll also develop an understanding of the evolving cybersecurity compliance landscape with regulations such as GDPR and CCPA, and gain insights into the global efforts in curbing cyber threats. By the end of this book, you’ll have a firm grasp on the modern malware lifecycle and how you can employ data science within cybersecurity to ward off new and evolving threats.What you will learn  Understand the science behind malware data and its management lifecycle Explore anomaly detection with signature and heuristics-based methods Analyze data to uncover relationships between data points and create a network graph Discover methods for reverse engineering and analyzing malware Use ML, advanced analytics, and data mining in malware data analysis and detection Explore practical insights and the future state of AI’s use for malware data science Understand how NLP AI employs algorithms to analyze text for malware detection  Who this book is forThis book is for cybersecurity experts keen on adopting data-driven defense methods. 
Data scientists will learn how to apply their skill set to address critical security issues, and compliance officers navigating global regulations like GDPR and CCPA will gain indispensable insights. Academic researchers exploring the intersection of data science and cybersecurity, IT decision-makers overseeing organizational strategy, and tech enthusiasts eager to understand modern cybersecurity will also find plenty of useful information in this guide. A basic understanding of cybersecurity and information technology is a prerequisite.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003eTable of Contents\u003col\u003e\n\u003cli\u003eMalware Data Science Life Cycle Overview\u003c\/li\u003e\n\u003cli\u003eAn Overview of the International History of Cyber Malware Impacts\u003c\/li\u003e\n\u003cli\u003eTopological Data Analysis for Malware Detection and Analysis\u003c\/li\u003e\n\u003cli\u003eArtificial Intelligence for Malware Data Analysis and Detection\u003c\/li\u003e\n\u003cli\u003eBehavior-Based Malware Data Analysis and Detection\u003c\/li\u003e\n\u003cli\u003eThe Future State of Malware Data Analysis and Detection\u003c\/li\u003e\n\u003cli\u003eThe Future State of Key International Compliance Requirements\u003c\/li\u003e\n\u003cli\u003eEpilogue – A Harmonious Overture to the Future of Malware Data Science and Cybersecurity\u003c\/li\u003e\n\u003c\/ol\u003e","brand":"Packt Publishing Limited","offers":[{"title":"Default Title","offer_id":52085591146839,"sku":"9781804618646","price":32.29,"currency_code":"GBP","in_stock":true}]},{"product_id":"python-for-security-and-networking-leverage-python-modules-and-tools-in-securing-your-network-and-applications-9781837637553","title":"Python for Security and Networking: Leverage Python modules and tools in securing your network and applications","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eGain a firm, practical understanding of securing your network and utilize 
Python’s packages to detect vulnerabilities in your application  Key Features  Discover security techniques to protect your network and systems using Python Create scripts in Python to automate security and pentesting tasks Analyze traffic in a network and extract information using Python  Book DescriptionPython’s latest updates add numerous libraries that can be used to perform critical security-related missions, including detecting vulnerabilities in web applications, taking care of attacks, and helping to build secure and robust networks that are resilient to them. This fully updated third edition will show you how to make the most of them and improve your security posture.  The first part of this book will walk you through Python scripts and libraries that you’ll use throughout the book. Next, you’ll dive deep into the core networking tasks where you will learn how to check a network’s vulnerability using Python security scripting and understand how to check for vulnerabilities in your network – including tasks related to packet sniffing. You’ll also learn how to achieve endpoint protection by leveraging Python packages along with writing forensics scripts.  The next part of the book will show you a variety of modern techniques, libraries, and frameworks from the Python ecosystem that will help you extract data from servers and analyze the security in web applications. You’ll take your first steps in extracting data from a domain using OSINT tools and using Python tools to perform forensics tasks.  
By the end of this book, you will be able to make the most of Python to test the security of your network and applications.What you will learn  Program your own tools in Python that can be used in a Network Security process Automate tasks of analysis and extraction of information from servers Detect server vulnerabilities and analyze security in web applications Automate security and pentesting tasks by creating scripts with Python Utilize the ssh-audit tool to check the security in SSH servers Explore WriteHat as a pentesting reports tool written in Python Automate the process of detecting vulnerabilities in applications with tools like Fuxploider  Who this book is forThis Python book is for network engineers, system administrators, and other security professionals looking to overcome common networking and security issues using Python. You will also find this book useful if you're an experienced programmer looking to explore Python’s full range of capabilities. A basic understanding of general programming structures as well as familiarity with the Python programming language is a prerequisite.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003eTable of Contents\u003col\u003e\n\u003cli\u003eWorking with Python Scripting\u003c\/li\u003e\n\u003cli\u003eSystem Programming Packages\u003c\/li\u003e\n\u003cli\u003eSocket Programming\u003c\/li\u003e\n\u003cli\u003eHTTP Programming and Web Authentication\u003c\/li\u003e\n\u003cli\u003eAnalyzing Network Traffic and Packets Sniffing\u003c\/li\u003e\n\u003cli\u003eGathering Information from Servers with OSINT Tools\u003c\/li\u003e\n\u003cli\u003eInteracting with FTP, SFTP, and SSH Servers\u003c\/li\u003e\n\u003cli\u003eWorking with Nmap Scanner\u003c\/li\u003e\n\u003cli\u003eInteracting with Vulnerability Scanners\u003c\/li\u003e\n\u003cli\u003eInteracting with Server Vulnerabilities in Web Applications\u003c\/li\u003e\n\u003cli\u003eObtain Information from Vulnerabilities 
Databases\u003c\/li\u003e\n\u003cli\u003eExtracting Geolocation and Metadata from Documents, Images, and Browsers\u003c\/li\u003e\n\u003cli\u003ePython Tools for Brute-Force Attacks\u003c\/li\u003e\n\u003cli\u003eCryptography and Code Obfuscation\u003c\/li\u003e\n\u003cli\u003eAssessments – Answers to the End-of-Chapter Questions\u003c\/li\u003e\n\u003c\/ol\u003e","brand":"Packt Publishing Limited","offers":[{"title":"Default Title","offer_id":52085619032407,"sku":"9781837637553","price":37.99,"currency_code":"GBP","in_stock":true}]},{"product_id":"digital-forensics-and-incident-response-incident-response-techniques-and-procedures-to-respond-to-modern-cyber-threats-2nd-edition-9781838649005","title":"Digital Forensics and Incident Response: Incident response techniques and procedures to respond to modern cyber threats, 2nd Edition","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e\u003cb\u003eBuild your organization’s cyber defense system by effectively implementing digital forensics and incident management techniques\u003c\/b\u003e\u003c\/p\u003eKey Features\u003cul\u003e\n\u003cli\u003eCreate a solid incident response framework and manage cyber incidents effectively\u003c\/li\u003e\n\u003cli\u003ePerform malware analysis for effective incident response\u003c\/li\u003e\n\u003cli\u003eExplore real-life scenarios that effectively use threat intelligence and modeling techniques\u003c\/li\u003e\n\u003c\/ul\u003eBook Description\u003cp\u003eAn understanding of how digital forensics integrates with the overall response to cybersecurity incidents is key to securing your organization's infrastructure from attacks. This updated second edition will help you perform cutting-edge digital forensic activities and incident response.\u003c\/p\u003e\u003cp\u003eAfter focusing on the fundamentals of incident response that are critical to any information security team, you’ll move on to exploring the incident response framework. 
From understanding its importance to creating a swift and effective response to security incidents, the book will guide you with the help of useful examples. You’ll later get up to speed with digital forensic techniques, from acquiring evidence and examining volatile memory through to hard drive examination and network-based evidence. As you progress, you’ll discover the role that threat intelligence plays in the incident response process. You’ll also learn how to prepare an incident response report that documents the findings of your analysis. Finally, in addition to various incident response activities, the book will address malware analysis, and demonstrate how you can proactively use your digital forensic skills in threat hunting.\u003c\/p\u003e\u003cp\u003eBy the end of this book, you’ll have learned how to efficiently investigate and report unwanted security breaches and incidents in your organization.\u003c\/p\u003eWhat you will learn\u003cul\u003e\n\u003cli\u003eCreate and deploy an incident response capability within your own organization\u003c\/li\u003e\n\u003cli\u003ePerform proper evidence acquisition and handling\u003c\/li\u003e\n\u003cli\u003eAnalyze the evidence collected and determine the root cause of a security incident\u003c\/li\u003e\n\u003cli\u003eBecome well-versed with memory and log analysis\u003c\/li\u003e\n\u003cli\u003eIntegrate digital forensic techniques and procedures into the overall incident response process\u003c\/li\u003e\n\u003cli\u003eUnderstand the different techniques for threat hunting\u003c\/li\u003e\n\u003cli\u003eWrite effective incident reports that document the key findings of your analysis\u003c\/li\u003e\n\u003c\/ul\u003eWho this book is for\u003cp\u003eThis book is for cybersecurity and information security professionals who want to implement digital forensics and incident response in their organization. 
You will also find the book helpful if you are new to the concept of digital forensics and are looking to get started with the fundamentals. A basic understanding of operating systems and some knowledge of networking fundamentals are required to get started with this book.\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003eTable of Contents\u003col\u003e\n\u003cli\u003eUnderstanding Incident Response\u003c\/li\u003e\n\u003cli\u003eManaging Cyber Incidents\u003c\/li\u003e\n\u003cli\u003eFundamentals of Digital Forensics\u003c\/li\u003e\n\u003cli\u003eCollecting Network Evidence\u003c\/li\u003e\n\u003cli\u003eAcquiring Host-Based Evidence\u003c\/li\u003e\n\u003cli\u003eForensic Imaging\u003c\/li\u003e\n\u003cli\u003eAnalyzing Network Evidence\u003c\/li\u003e\n\u003cli\u003eAnalyzing System Memory\u003c\/li\u003e\n\u003cli\u003eAnalyzing System Storage\u003c\/li\u003e\n\u003cli\u003eAnalyzing Log Files\u003c\/li\u003e\n\u003cli\u003eWriting the Incident Report\u003c\/li\u003e\n\u003cli\u003eMalware Analysis for Incident Response\u003c\/li\u003e\n\u003cli\u003eLeveraging Threat Intelligence\u003c\/li\u003e\n\u003cli\u003eHunting for Threats\u003c\/li\u003e\n\u003cli\u003eAppendix\u003c\/li\u003e\n\u003c\/ol\u003e","brand":"Packt Publishing Limited","offers":[{"title":"Default Title","offer_id":52085631680855,"sku":"9781838649005","price":44.99,"currency_code":"GBP","in_stock":true}]},{"product_id":"practical-threat-intelligence-and-data-driven-threat-hunting-a-hands-on-guide-to-threat-hunting-with-the-att-ck-framework-and-open-source-tools-9781838556372","title":"Practical Threat Intelligence and Data-Driven Threat Hunting: A hands-on guide to threat hunting with the ATT\u0026CK™ Framework and open source tools","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eGet to grips with cyber threat intelligence and data-driven threat hunting while exploring expert tips and techniques  Key Features  Set up 
an environment to centralize all data in an Elasticsearch, Logstash, and Kibana (ELK) server that enables threat hunting Carry out atomic hunts to start the threat hunting process and understand the environment Perform advanced hunting using MITRE ATT\u0026amp;CK Evals emulations and Mordor datasets  Book DescriptionThreat hunting (TH) provides cybersecurity analysts and enterprises with the opportunity to proactively defend themselves by getting ahead of threats before they can cause major damage to their business.   This book is not only an introduction for those who don't know much about the cyber threat intelligence (CTI) and TH world, but also a guide for those with more advanced knowledge of other cybersecurity fields who are looking to implement a TH program from scratch.   You will start by exploring what threat intelligence is and how it can be used to detect and prevent cyber threats. As you progress, you'll learn how to collect data, along with understanding it by developing data models. The book will also show you how to set up an environment for TH using open source tools. Later, you will focus on how to plan a hunt with practical examples, before going on to explore the MITRE ATT\u0026amp;CK framework.   By the end of this book, you'll have the skills you need to be able to carry out effective hunts in your own environment.   
What you will learn  Understand what CTI is, its key concepts, and how it is useful for preventing threats and protecting your organization Explore the different stages of the TH process Model the data collected and understand how to document the findings Simulate threat actor activity in a lab environment Use the information collected to detect breaches and validate the results of your queries  Use documentation and strategies to communicate processes to senior management and the wider business  Who this book is forIf you are looking to start out in the cyber intelligence and threat hunting domains and want to know more about how to implement a threat hunting division with open-source tools, then this cyber threat intelligence book is for you.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003eTable of Contents  What is Cyber Threat Intelligence? What is Threat Hunting? Where Does the Data Come From? Mapping the Adversary Working with Data Emulating the Adversary Creating a Research Environment How to Query the Data Hunting for the Adversary Importance of Documenting and Automating the Process Assessing Data Quality Understanding the Output Defining Good Metrics to Track Success Engaging the Response Team and Communicating the Result to Executives","brand":"Packt Publishing Limited","offers":[{"title":"Default Title","offer_id":52085631910231,"sku":"9781838556372","price":33.99,"currency_code":"GBP","in_stock":true}]},{"product_id":"cybersecurity-attacks-red-team-strategies-a-practical-guide-to-building-a-penetration-testing-program-having-homefield-advantage-9781838828868","title":"Cybersecurity Attacks – Red Team Strategies: A practical guide to building a penetration testing program having homefield advantage","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e\u003cb\u003eDevelop your red team skills by learning essential foundational tactics, techniques, and procedures, and boost the overall 
security posture of your organization by leveraging the homefield advantage\u003c\/b\u003e\u003c\/p\u003eKey Features\u003cul\u003e\n\u003cli\u003eBuild, manage, and measure an offensive red team program\u003c\/li\u003e\n\u003cli\u003eLeverage the homefield advantage to stay ahead of your adversaries\u003c\/li\u003e\n\u003cli\u003eUnderstand core adversarial tactics and techniques, and protect pentesters and pentesting assets\u003c\/li\u003e\n\u003c\/ul\u003eBook Description\u003cp\u003eIt's now more important than ever for organizations to be ready to detect and respond to security events and breaches. Preventive measures alone are not enough for dealing with adversaries. A well-rounded prevention, detection, and response program is required. This book will guide you through the stages of building a red team program, including strategies and homefield advantage opportunities to boost security.\u003c\/p\u003e\u003cp\u003eThe book starts by guiding you through establishing, managing, and measuring a red team program, including effective ways for sharing results and findings to raise awareness. Gradually, you'll learn about progressive operations such as cryptocurrency mining, focused privacy testing, targeting telemetry, and even blue team tooling. Later, you'll discover knowledge graphs and how to build them, then become well-versed with basic to advanced techniques related to hunting for credentials, and learn to automate Microsoft Office and browsers to your advantage. 
Finally, you'll get to grips with protecting assets using decoys, auditing, and alerting with examples for major operating systems.\u003c\/p\u003e\u003cp\u003eBy the end of this book, you'll have learned how to build, manage, and measure a red team program effectively and be well-versed with the fundamental operational techniques required to enhance your existing skills.\u003c\/p\u003eWhat you will learn\u003cul\u003e\n\u003cli\u003eUnderstand the risks associated with security breaches\u003c\/li\u003e\n\u003cli\u003eImplement strategies for building an effective penetration testing team\u003c\/li\u003e\n\u003cli\u003eMap out the homefield using knowledge graphs\u003c\/li\u003e\n\u003cli\u003eHunt credentials using indexing and other practical techniques\u003c\/li\u003e\n\u003cli\u003eGain blue team tooling insights to enhance your red team skills\u003c\/li\u003e\n\u003cli\u003eCommunicate results and influence decision makers with appropriate data\u003c\/li\u003e\n\u003c\/ul\u003eWho this book is for\u003cp\u003eThis is one of the few detailed cybersecurity books for penetration testers, cybersecurity analysts, security leaders and strategists, as well as red team members and chief information security officers (CISOs) looking to secure their organizations from adversaries. The program management part of this book will also be useful for beginners in the cybersecurity domain. 
To get the most out of this book, some penetration testing experience, and software engineering and debugging skills are necessary.\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003eTable of Contents\u003col\u003e\n\u003cli\u003eEstablishing an Offensive Security Program\u003c\/li\u003e\n\u003cli\u003eManaging an Offensive Security Team\u003c\/li\u003e\n\u003cli\u003eMeasuring an Offensive Security Program\u003c\/li\u003e\n\u003cli\u003eProgressive Red Team Operations\u003c\/li\u003e\n\u003cli\u003eSituational Awareness – Mapping Out the Homefield Using Graph Databases\u003c\/li\u003e\n\u003cli\u003eBuilding a Comprehensive Knowledge Graph\u003c\/li\u003e\n\u003cli\u003eHunting for Credentials\u003c\/li\u003e\n\u003cli\u003eAdvanced Credential Hunting\u003c\/li\u003e\n\u003cli\u003ePowerful Automation\u003c\/li\u003e\n\u003cli\u003eProtecting the Pen Tester\u003c\/li\u003e\n\u003cli\u003eTraps, Deceptions, and Honeypots\u003c\/li\u003e\n\u003cli\u003eBlue Team Tactics for the Red Team\u003c\/li\u003e\n\u003c\/ol\u003e","brand":"Packt Publishing Limited","offers":[{"title":"Default Title","offer_id":52085632074071,"sku":"9781838828868","price":38.34,"currency_code":"GBP","in_stock":true}]},{"product_id":"ethical-hacking-for-beginners-a-step-by-step-guide-for-you-to-learn-the-fundamentals-of-cybersecurity-and-hacking-9781956525922","title":"Ethical Hacking for Beginners: A Step by Step Guide for you to Learn the Fundamentals of CyberSecurity and Hacking","description":"","brand":"Nastase A. 
Ramon","offers":[{"title":"Default Title","offer_id":52085883634007,"sku":"9781956525922","price":10.44,"currency_code":"GBP","in_stock":true}]},{"product_id":"the-grc-bible-9798989609918","title":"The GRC Bible","description":"","brand":"Excelmindcyber LLC","offers":[{"title":"Default Title","offer_id":52086210789719,"sku":"9798989609918","price":84.14,"currency_code":"GBP","in_stock":true}]},{"product_id":"how-to-investigate-like-a-rockstar-live-a-real-crisis-to-master-the-secrets-of-forensic-analysis-9781549527623","title":"How to Investigate Like a Rockstar: Live a Real Crisis to Master the Secrets of Forensic Analysis","description":"","brand":"Independently Published","offers":[{"title":"Default Title","offer_id":52195337601367,"sku":"9781549527623","price":15.68,"currency_code":"GBP","in_stock":true}]},{"product_id":"conquest-in-cyberspace-national-security-and-information-warfare-9780521692144","title":"Conquest in Cyberspace National Security and Information Warfare","description":"\u003cp\u003ea huge range and FREE tracked UK delivery on ALL orders.\u003c\/p\u003e","brand":"Cambridge University Press","offers":[{"title":"Default Title","offer_id":53131013161303,"sku":"9780521692144","price":29.44,"currency_code":"GBP","in_stock":true}]},{"product_id":"conquest-in-cyberspace-national-security-and-information-warfare-9780521871600","title":"Conquest in Cyberspace National Security and Information Warfare","description":"\u003cp\u003ea huge range and FREE tracked UK delivery on ALL orders.\u003c\/p\u003e","brand":"Cambridge University Press","offers":[{"title":"Default Title","offer_id":53131347984727,"sku":"9780521871600","price":51.3,"currency_code":"GBP","in_stock":true}]},{"product_id":"cybersecurity-essentials-for-small-businesses-9781069643773","title":"Cybersecurity Essentials for Small Businesses","description":"","brand":"Acrasolution","offers":[{"title":"Default 
Title","offer_id":53186366734679,"sku":"9781069643773","price":15.57,"currency_code":"GBP","in_stock":false}]},{"product_id":"ai-in-cybersecurity-9781069643780","title":"AI In Cybersecurity","description":"","brand":"Acrasolution","offers":[{"title":"Default Title","offer_id":53186366767447,"sku":"9781069643780","price":15.57,"currency_code":"GBP","in_stock":false}]},{"product_id":"comment-proteger-votre-entreprise-des-cybermenaces-un-guide-complet-pour-aider-les-entreprises-a-renforcer-en-18-etapes-la-securite-de-leurs-donnees-et-systemes-informatiques-9781709096761","title":"Comment protéger votre entreprise des cybermenaces ?: Un guide complet pour aider les entreprises à renforcer en 18 étapes la sécurité de leurs données et systèmes informatiques","description":"","brand":"Independently Published","offers":[{"title":"Default Title","offer_id":53189743739223,"sku":"9781709096761","price":30.3,"currency_code":"GBP","in_stock":true}]},{"product_id":"red-team-engineering-9781718504264","title":"Red Team Engineering","description":"","brand":"No Starch Press,US","offers":[{"title":"Default Title","offer_id":53189770772823,"sku":"9781718504264","price":53.99,"currency_code":"GBP","in_stock":true}]},{"product_id":"isc-2-cissp-certified-information-systems-security-professional-399-exam-practice-questions-9781726608176","title":"(ISC)² CISSP Certified Information Systems Security Professional 399+ Exam Practice Questions","description":"","brand":"Independently Published","offers":[{"title":"Default Title","offer_id":53189814714711,"sku":"9781726608176","price":14.14,"currency_code":"GBP","in_stock":true}]},{"product_id":"cyber-certainty-9781738294237","title":"Cyber Certainty","description":"","brand":"Pearl Street Sourcing Advisory Services Inc","offers":[{"title":"Default 
Title","offer_id":53190015320407,"sku":"9781738294237","price":21.59,"currency_code":"GBP","in_stock":false}]},{"product_id":"cyber-security-kill-chain-tactics-and-strategies-9781835466094","title":"Cyber Security Kill Chain  Tactics and Strategies","description":"","brand":"Packt Publishing Limited","offers":[{"title":"Default Title","offer_id":53191181664599,"sku":"9781835466094","price":33.99,"currency_code":"GBP","in_stock":false}]},{"product_id":"microsoft-365-administration-cookbook-9781835888025","title":"Microsoft 365 Administration Cookbook","description":"","brand":"Packt Publishing Limited","offers":[{"title":"Default Title","offer_id":53191240548695,"sku":"9781835888025","price":33.99,"currency_code":"GBP","in_stock":false}]},{"product_id":"cloud-defense-9781839389344","title":"Cloud Defense","description":"","brand":"Pastor Publishing Ltd","offers":[{"title":"Default Title","offer_id":53191383023959,"sku":"9781839389344","price":19.95,"currency_code":"GBP","in_stock":false}]},{"product_id":"firewalls-9781839389368","title":"Firewalls","description":"","brand":"Pastor Publishing Ltd","offers":[{"title":"Default Title","offer_id":53191383056727,"sku":"9781839389368","price":25.38,"currency_code":"GBP","in_stock":false}]},{"product_id":"cracking-9781839389382","title":"Cracking","description":"","brand":"Pastor Publishing Ltd","offers":[{"title":"Default Title","offer_id":53191383089495,"sku":"9781839389382","price":25.38,"currency_code":"GBP","in_stock":false}]},{"product_id":"burp-suite-hacking-9781839389429","title":"Burp Suite Hacking","description":"","brand":"Pastor Publishing Ltd","offers":[{"title":"Default Title","offer_id":53191383122263,"sku":"9781839389429","price":31.38,"currency_code":"GBP","in_stock":false}]},{"product_id":"metasploit-pentesting-9781839389443","title":"Metasploit Pentesting","description":"","brand":"Pastor Publishing Ltd","offers":[{"title":"Default 
Title","offer_id":53191383253335,"sku":"9781839389443","price":31.4,"currency_code":"GBP","in_stock":false}]}],"url":"https:\/\/bookcurl.com\/collections\/computer-viruses-trojans-and-worms.oembed?page=2","provider":"Book Curl","version":"1.0","type":"link"}