The Hacker Playbook: Practical Guide To Penetration Testing

Rating: 
Amazon Price: $24.99 $22.49 You save: $2.50 (10%). (as of July 23, 2017 12:10 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Just as a professional athlete doesn’t show up without a solid game plan, ethical hackers, IT professionals, and security researchers should not be unprepared, either. The Hacker Playbook provides them their own game plans. Written by a longtime security professional and CEO of Secure Planet, LLC, this step-by-step guide to the “game” of penetration hacking features hands-on examples and helpful advice from the top of the field.
Through a series of football-style “plays,” this straightforward guide gets to the root of many of the roadblocks people may face while penetration testing—including attacking different types of networks, pivoting through security controls, and evading antivirus software.
From “Pregame” research to “The Drive” and “The Lateral Pass,” the practical plays listed can be read in order or referenced as needed. Either way, the valuable advice within will put you in the mindset of a penetration tester of a Fortune 500 company, regardless of your career or level of experience.
Whether you’re downing energy drinks while desperately looking for an exploit, or preparing for an exciting new job in IT security, this guide is an essential part of any ethical hacker’s library—so there’s no reason not to get in the game.

24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them

Rating: 
Amazon Price: N/A (as of July 23, 2017 00:32 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

"What makes this book so important is that it reflects the experiences of two of the industry's most experienced hands at getting real-world engineers to understand just what they're being asked for when they're asked to write secure code. The book reflects Michael Howard's and David LeBlanc's experience in the trenches working with developers years after code was long since shipped, informing them of problems." –From the Foreword by Dan Kaminsky, Director of Penetration Testing, IOActive

Eradicate the Most Notorious Insecure Designs and Coding Vulnerabilities
Continue reading “24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them”

Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure

Rating: 
Amazon Price: $59.95 $46.20 You save: $13.75 (23%). (as of July 23, 2017 09:07 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Many people think of the Smart Grid as a power distribution group built on advanced smart metering-but that's just one aspect of a much larger and more complex system. The "Smart Grid" requires new technologies throughout energy generation, transmission and distribution, and even the homes and businesses being served by the grid. This also represents new information paths between these new systems and services, all of which represents risk, requiring a more thorough approach to where and how cyber security controls are implemented.
This insight provides a detailed architecture of the entire Smart Grid, with recommended cyber security measures for everything from the supply chain to the consumer.Discover the potential of the Smart GridLearn in depth about its systemsSee its vulnerabilities and how best to protect it

Hacker Techniques, Tools, and Incident Handling (Jones & Bartlett Learning Information Systems Security & Assurance Series)

Rating: 
Amazon Price: $107.95 $39.80 You save: $68.15 (63%). (as of July 23, 2017 02:41 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Hacker Techniques, Tools, and Incident Handling begins with an examination of the landscape, key terms, and concepts that a security professional needs to know about hackers and computer criminals who break into networks, steal information, and corrupt data. It goes on to review the technical overview of hacking: how attacks target networks and the methodology they follow. The final section studies those methods that are most effective when dealing with hacking attacks, especially in an age of increased reliance on the Web. Written by a subject matter expert with numerous real-world examples, Hacker Techniques, Tools, and Incident Handling provides readers with a clear, comprehensive introduction to the many threats on our Internet environment and security and what can be done to combat them.

How to Define and Build an Effective Cyber Threat Intelligence Capability: How to Understand, Justify and Implement a New Approach to Security

Rating: 
Amazon Price: N/A (as of July 23, 2017 14:49 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Intelligence-Led Security: How to Understand, Justify and Implement a New Approach to Security is a concise review of the concept of Intelligence-Led Security. Protecting a business, including its information and intellectual property, physical infrastructure, employees, and reputation, has become increasingly difficult. Online threats come from all sides: internal leaks and external adversaries; domestic hacktivists and overseas cybercrime syndicates; targeted threats and mass attacks. And these threats run the gamut from targeted to indiscriminate to entirely accidental.

Among thought leaders and advanced organizations, the consensus is now clear. Defensive security measures: antivirus software, firewalls, and other technical controls and post-attack mitigation strategies are no longer sufficient. To adequately protect company assets and ensure business continuity, organizations must be more proactive. Increasingly, this proactive stance is being summarized by the phrase Intelligence-Led Security: the use of data to gain insight into what can happen, who is likely to be involved, how they are likely to attack and, if possible, to predict when attacks are likely to come. In this book, the authors review the current threat-scape and why it requires this new approach, offer a clarifying definition of what Cyber Threat Intelligence is, describe how to communicate its value to business, and lay out concrete steps toward implementing Intelligence-Led Security.
Continue reading “How to Define and Build an Effective Cyber Threat Intelligence Capability: How to Understand, Justify and Implement a New Approach to Security”