Software is essential and pervasive in the modern world, but software acquisition, development, operation, and maintenance can involve substantial risk, allowing attackers to compromise millions of computers every year. This groundbreaking book provides a uniquely comprehensive guide to software security, ranging far beyond secure coding to outline rigorous processes and practices for managing system and software lifecycle operations. The book opens with a comprehensive guide to the software lifecycle, covering all elements, activities, and practices encompassed by the universally accepted ISO/IEEE 12207-2008 standard. The authors then proceed document proven management architecture and process framework models for software assurance, such as ISO 21827 (SSE-CMM), CERT-RMM, the Software Assurance Maturity Model, and NIST 800-53. Within these models, the authors present standards and practices related to key activities such as threat and risk evaluation, assurance cases, and adversarial testing. Ideal for new and experienced cybersecurity professionals alike in both the public and private sectors, this one-of-a-kind book prepares readers to create and manage coherent, practical, cost-effective operations to ensure defect-free systems and software.
Delivering up-to-the-minute coverage, COMPUTER SECURITY AND PENETRATION TESTING, Second Edition offers readers of all backgrounds and experience levels a well-researched and engaging introduction to the fascinating realm of network security. Spotlighting the latest threats and vulnerabilities, this cutting-edge text is packed with real-world examples that showcase today's most important and relevant security topics. It addresses how and why people attack computers and networks–equipping readers with the knowledge and techniques to successfully combat hackers. This edition also includes new emphasis on ethics and legal issues. The world of information security is changing every day – readers are provided with a clear differentiation between hacking myths and hacking facts. Straightforward in its approach, this comprehensive resource teaches the skills needed to go from hoping a system is secure to knowing that it is.
Trust the best selling Official Cert Guide series from Cisco Press to help you learn, prepare, and practice for exam success. They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam.
CCNP Security FIREWALL 642-618 Official Cert Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. “Do I Know This Already?” quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.
Continue reading “CCNP Security FIREWALL 642-618 Official Cert Guide”
La mayoría de ataques informáticos tienen un componente desafiante, doloroso, como un rugido. Sin embargo un ingeniero social experimentado es un arma letal contra la que resulta casi imposible defenderse. Su singularidad y arriesgadas soluciones pueden arreglar las vulnerabilidades técnicas más imprevistas. Chris Hadnagy h
Uncover hidden patterns of data and respond withcountermeasures
Security professionals need all the tools at their disposal toincrease their visibility in order to prevent security breaches andattacks. This careful guide explores two of the most powerful ?data analysis and visualization. You'll soon understand how toharness and wield data, from collection and storage to managementand analysis as well as visualization and presentation. Using ahands-on approach with real-world examples, this book shows you howto gather feedback, measure the effectiveness of your securitymethods, and make better decisions.
Continue reading “Data-Driven Security: Analysis, Visualization and Dashboards”