Information security does not have to be complicated. Vulnerability to cyber attacks can be significantly reduced if the basics are practiced. A clear understanding of the fundamentals can help ensure that adequate detective and protective controls are in place, and that a solid information security foundation is established. This book covers concepts and controls. It is a good primer for those new to the field, and a refresher for the more seasoned practitioner. It is for those who are tasked with creating, leading, supporting or improving an organization’s cyber security program. The goal is to help clear some of the fog that can get in the way of implementing cyber security best practices. The security controls that are discussed in these 100 concise pages are each assigned a maturity level. This helps the reader determine which controls are most appropriate for it’s organization. Maturity of a program is based on its age, the resources that are available to it, and the amount of leadership support it enjoys. Advanced controls are not appropriate for a newly-established program, for example. Reading this book will break down cognitive barriers. It will provide security practitioners the best practices necessary to detect and mitigate common and sophisticated attacks. Building a solid information security foundation does not have to be complicated. It can be achieved by applying the fundamentals of cyber security.
The Definitive Guide to Building Firewalls with Linux
As the security challenges facing Linux system and network administrators have grown, the security tools and techniques available to them have improved dramatically. In Linux® Firewalls, Fourth Edition, long-time Linux security expert Steve Suehring has revamped his definitive Linux firewall guide to cover the important advances in Linux security.
Continue reading “Linux Firewalls: Enhancing Security with nftables and Beyond (4th Edition)”
This highly anticipated print collection gathers articles published in the much-loved International Journal of Proof-of-Concept or Get The Fuck Out.
PoC||GTFO follows in the tradition of Phrack and Uninformed by publishing on the subjects of offensive security research, reverse engineering, and file format internals. Until now, the journal has only been available online or printed and distributed for free at hacker conferences worldwide.
Continue reading “PoC or GTFO”
Utilize Python scripting to execute effective and efficient penetration tests
About This BookUnderstand how and where Python scripts meet the need for penetration testingFamiliarise yourself with the process of highlighting a specific methodology to exploit an environment to fetch critical dataDevelop your Python and penetration testing skills with real-world examples
Continue reading “Learning Penetration Testing with Python”
Red Teaming is can be described as a type of wargaming.In private business, penetration testers audit and test organization security, often in a secretive setting. The entire point of the Red Team is to see how weak or otherwise the organization’s security posture is. This course is particularly suited to CISO’s and CTO’s that need to learn how to build a successful Red Team, as well as budding cyber security professionals who would like to learn more about the world of information security.
Teaches readers how to dentify systemic security issues based on the analysis of vulnerability and configuration data
Continue reading “Next Generation Red Teaming”