From Hacking to Report Writing: An Introduction to Security and Penetration Testing

Amazon Price: $49.99 $49.99 (as of December 11, 2017 23:14 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Learn everything you need to know to become a professional security and penetration tester. It simplifies hands-on security and penetration testing by breaking down each step of the process so that finding vulnerabilities and misconfigurations becomes easy. The book explains how to methodically locate, exploit, and professionally report security weaknesses using techniques such as SQL-injection, denial-of-service attacks, and password hacking.

Although From Hacking to Report Writing will give you the technical know-how needed to carry out advanced security tests, it also offers insight into crafting professional looking reports describing your work and how your customers can benefit from it. The book will give you the tools you need to clearly communicate the benefits of high-quality security and penetration testing to IT-management, executives and other stakeholders. Embedded in the book are a number of on-the-job stories that will give you a good understanding of how you can apply what you have learned to real-world situations.
Continue reading “From Hacking to Report Writing: An Introduction to Security and Penetration Testing”

Introduction to Cyberdeception

Amazon Price: $89.99 $79.99 You save: $10.00 (11%). (as of December 11, 2017 12:02 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

This book is an introduction to both offensive and defensive techniques of cyberdeception. Unlike most books on cyberdeception, this book focuses on methods rather than detection. It treats cyberdeception techniques that are current, novel, and practical, and that go well beyond traditional honeypots. It contains features friendly for classroom use: (1) minimal use of programming details and mathematics, (2) modular chapters that can be covered in many orders, (3) exercises with each chapter, and (4) an extensive reference list.

Cyberattacks have grown serious enough that understanding and using deception is essential to safe operation in cyberspace. The deception techniques covered are impersonation, delays, fakes, camouflage, false excuses, and social engineering. Special attention is devoted to cyberdeception in industrial control systems and within operating systems. This material is supported by a detailed discussion of how to plan deceptions and calculate their detectability and effectiveness. Some of the chapters provide further technical details of specific deception techniques and their application.
Continue reading “Introduction to Cyberdeception”

Critical Infrastructure Protection: Advances in Critical Infrastructure Protection: Information Infrastructure Models, Analysis, and Defense (Lecture Notes in Computer Science)

Rating: 
Amazon Price: $89.99 $76.84 You save: $13.15 (15%). (as of December 11, 2017 22:14 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

The present volume aims to provide an overview of the current understanding of the so-called Critical Infrastructure (CI), and particularly the Critical Information Infrastructure (CII), which not only forms one of the constituent sectors of the overall CI, but also is unique in providing an element of interconnection between sectors as well as often also intra-sectoral control mechanisms. The 14 papers of this book present a collection of pieces of scientific work in the areas of critical infrastructure protection. In combining elementary concepts and models with policy-related issues on one hand and placing an emphasis on the timely area of control systems, the book aims to highlight some of the key issues facing the research community.

Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats

Rating: 
Amazon Price: $69.99 $48.45 You save: $21.54 (31%). (as of December 11, 2017 02:57 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Enterprise Cybersecurity empowers organizations of all sizes to defend themselves with next-generation cybersecurity programs against the escalating threat of modern targeted cyberattacks. This book presents a comprehensive framework for managing all aspects of an enterprise cybersecurity program. It enables an enterprise to architect, design, implement, and operate a coherent cybersecurity program that is seamlessly coordinated with policy, programmatics, IT life cycle, and assessment.

Fail-safe cyberdefense is a pipe dream. Given sufficient time, an intelligent attacker can eventually defeat defensive measures protecting an enterprise’s computer systems and IT networks.
Continue reading “Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats”

Automatic Malware Analysis: An Emulator Based Approach (SpringerBriefs in Computer Science)

Amazon Price: $39.95 $39.95 (as of December 11, 2017 23:10 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Malicious software (i.e., malware) has become a severe threat to interconnected computer systems for decades and has caused billions of dollars damages each year. A large volume of new malware samples are discovered daily. Even worse, malware is rapidly evolving becoming more sophisticated and evasive to strike against current malware analysis and defense systems. Automatic Malware Analysis presents a virtualized malware analysis framework that addresses common challenges in malware analysis. In regards to this new analysis framework, a series of analysis techniques for automatic malware analysis is developed. These techniques capture intrinsic characteristics of malware, and are well suited for dealing with new malware samples and attack mechanisms.