Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats

Rating: 
Amazon Price: N/A (as of May 27, 2017 22:50 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Enterprise Cybersecurity empowers organizations of all sizes to defend themselves with next-generation cybersecurity programs against the escalating threat of modern targeted cyberattacks. This book presents a comprehensive framework for managing all aspects of an enterprise cybersecurity program. It enables an enterprise to architect, design, implement, and operate a coherent cybersecurity program that is seamlessly coordinated with policy, programmatics, IT life cycle, and assessment.

Fail-safe cyberdefense is a pipe dream. Given sufficient time, an intelligent attacker can eventually defeat defensive measures protecting an enterprise’s computer systems and IT networks.
Continue reading “Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats”

Web Penetration Testing with Kali Linux

Rating: 
Amazon Price: $49.99 $49.99 (as of May 27, 2017 22:54 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Testing web security is best done through simulating an attack. Kali Linux lets you do this to professional standards and this is the book you need to be fully up-to-speed with this powerful open-source toolkit.
Overview Learn key reconnaissance concepts needed as a penetration tester Attack and exploit key features, authentication, and sessions on web applications Learn how to protect systems, write reports, and sell web penetration testing services
In Detail
Kali Linux is built for professional penetration testing and security auditing. It is the next-generation of BackTrack, the most popular open-source penetration toolkit in the world. Readers will learn how to think like real attackers, exploit systems, and expose vulnerabilities.
Even though web applications are developed in a very secure environment and have an intrusion detection system and firewall in place to detect and prevent any malicious activity, open ports are a pre-requisite for conducting online business. These ports serve as an open door for attackers to attack these applications. As a result, penetration testing becomes essential to test the integrity of web-applications. Web Penetration Testing with Kali Linux is a hands-on guide that will give you step-by-step methods on finding vulnerabilities and exploiting web applications.
"Web Penetration Testing with Kali Linux" looks at the aspects of web penetration testing from the mind of an attacker. It provides real-world, practical step-by-step instructions on how to perform web penetration testing exercises.
You will learn how to use network reconnaissance to pick your targets and gather information. Then, you will use server-side attacks to expose vulnerabilities in web servers and their applications. Client attacks will exploit the way end users use web applications and their workstations. You will also learn how to use open source tools to write reports and get tips on how to sell penetration tests and look out for common pitfalls.
On the completion of this book, you will have the skills needed to use Kali Linux for web penetration tests and expose vulnerabilities on web applications and clients that access them.
What you will learn from this book Perform vulnerability reconnaissance to gather information on your targets Expose server vulnerabilities and take advantage of them to gain privileged access Exploit client-based systems using web application protocols Learn how to use SQL and cross-site scripting (XSS) attacks Steal authentications through session hijacking techniques Harden systems so other attackers do not exploit them easily Generate reports for penetration testers Learn tips and trade secrets from real world penetration testers
Approach
"Web Penetration Testing with Kali Linux" contains various penetration testing methods using BackTrack that will be used by the reader. It contains clear step-by-step instructions with lot of screenshots. It is written in an easy to understand language which will further simplify the understanding for the user.

Gray Hat Python: Python Programming for Hackers and Reverse Engineers

Rating: 
Amazon Price: $39.95 $26.88 You save: $13.07 (33%). (as of May 28, 2017 06:28 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Python is fast becoming the programming language of choice for hackers, reverse engineers, and software testers because it's easy to write quickly, and it has the low-level support and libraries that make hackers happy. But until now, there has been no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts and man pages, endlessly tweaking your own code to get everything working. Not anymore.

Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools – and how to build your own when the pre-built ones won't cut it.
Continue reading “Gray Hat Python: Python Programming for Hackers and Reverse Engineers”

Cyber-Risk Informatics: Engineering Evaluation with Data Science

Amazon Price: $130.00 $107.90 You save: $22.10 (17%). (as of May 27, 2017 23:32 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

This book provides a scientific modeling approach for conducting metrics-based quantitative risk assessments of cybersecurity vulnerabilities and threats. This book provides a scientific modeling approach for conducting metrics-based quantitative risk assessments of cybersecurity threats. The author builds from a common understanding based on previous class-tested works to introduce the reader to the current and newly innovative approaches to address the maliciously-by-human-created (rather than by-chance-occurring) vulnerability and threat, and related cost-effective management to mitigate such risk. This book is purely statistical data-oriented (not deterministic) and employs computationally intensive techniques, such as Monte Carlo and Discrete Event Simulation. The enriched JAVA ready-to-go applications and solutions to exercises provided by the author at the book s specifically preserved website will enable readers to utilize the course related problems. Enables the reader to use the book's website's applications to implement and see results, and use them making budgetary sense Utilizes a data analytical approach and provides clear entry points for readers of varying skill sets and backgrounds Developed out of necessity from real in-class experience while teaching advanced undergraduate and graduate courses by the author Cyber-Risk Informatics is a resource for undergraduate students, graduate students, and practitioners in the field of Risk Assessment and Management regarding Security and Reliability Modeling. Mehmet Sahinoglu, a Professor (1990) Emeritus (2000), is the founder of the Informatics Institute (2009) and its SACS-accredited (2010) and NSA-certified (2013) flagship Cybersystems and Information Security (CSIS) graduate program (the first such full degree in-class program in Southeastern USA) at AUM, Auburn University s metropolitan campus in Montgomery, Alabama. He is a fellow member of the SDPS Society, a senior member of the IEEE, and an elected member of ISI. Sahinoglu is the recipient of Microsoft's Trustworthy Computing Curriculum (TCC) award and the author of Trustworthy Computing (Wiley, 2007).

Honeypots for Windows (Books for Professionals by Professionals)

Rating: 
Amazon Price: $39.99 $31.25 You save: $8.74 (22%). (as of May 28, 2017 09:59 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

* Talks about hardening a Windows host before deploying Honeypot

* Covers how to create your own emulated services to fool hackers
Continue reading “Honeypots for Windows (Books for Professionals by Professionals)”