Adversarial Tradecraft in Cybersecurity. Offense versus defense in real-time computer conflict

Dan Borges

Little has been written about what to do when live hackers are on your system and running amok. Even experienced hackers tend to choke up when they realize the network defender has caught them and is zoning in on their implants in real time. This book will provide tips and tricks all along the kill chain of an attack, showing where hackers can have the upper hand in a live conflict and how defenders can outsmart them in this adversarial game of computer cat and mouse.This audiobook contains two subsections in each chapter, specifically focusing on the offensive and defensive teams. It begins by introducing you to adversarial operations and principles of computer conflict where you will explore the core principles of deception, humanity, economy, and more about human-on-human conflicts. Additionally, you will understand everything from planning to setting up infrastructure and tooling that both sides should have in place.Throughout this audiobook, you will learn how to gain an advantage over opponents by disappearing from what they can detect. You will further understand how to blend in, uncover other actors’ motivations and means, and learn to tamper with them to hinder their ability to detect your presence. Finally, you will learn how to gain an advantage through advanced research and thoughtfully concluding an operation.By the end of this audiobook, you will have achieved a solid understanding of cyberattacks from both an attacker’s and a defender’s perspective.

AWS Certified Cloud Practitioner Exam Guide. Build your cloud computing knowledge and build your skills as an AWS Certified Cloud Practitioner (CLF-C01)

Rajesh Daswani

Amazon Web Services is the largest cloud computing service provider in the world. Its foundational certification, AWS Certified Cloud Practitioner (CLF-C01), is the first step to fast-tracking your career in cloud computing. This certification will add value even to those in non-IT roles, including professionals from sales, legal, and finance who may be working with cloud computing or AWS projects. If you are a seasoned IT professional, this certification will make it easier for you to prepare for more technical certifications to progress up the AWS ladder and improve your career prospects.The book is divided into four parts. The first part focuses on the fundamentals of cloud computing and the AWS global infrastructure. The second part examines key AWS technology services, including compute, network, storage, and database services. The third part covers AWS security, the shared responsibility model, and several security tools. In the final part, you'll study the fundamentals of cloud economics and AWS pricing models and billing practices.Complete with exercises that highlight best practices for designing solutions, detailed use cases for each of the AWS services, quizzes, and two complete practice tests, this CLF-C01 exam study guide will help you gain the knowledge and hands-on experience necessary to ace the AWS Certified Cloud Practitioner exam.

Bezpiecznie już było. Jak żyć w świecie sieci, terrorystów i ciągłej niepewności

Paulina Polko, Roman Polko

  XXI wiek wszystkich strachów   W roku 1989 pożegnaliśmy komunizm i - nie wiedząc wtedy jeszcze o tym - powitaliśmy niepewność jutra. Zniknęły gwarancje zatrudnienia, jako społeczeństwo odbyliśmy przyspieszony kurs ekonomicznej samodzielności. Do NATO wkraczaliśmy z kilkunastoprocentowym bezrobociem i wielką rzeszą ludzi żyjących poniżej progu ubóstwa, ale gdzieś na niezbyt odległym horyzoncie pojawiła się już perspektywa wstąpienia do Unii Europejskiej i nadzieja na otwarcie się zagranicznych rynków na polskich pracowników. Później w dalekim Nowym Jorku w zamachu terrorystycznym runęły dwie wieże World Trade Center. To nas przeraziło, ale terroryści z turbanami na głowach byli dla nas tak odlegli jak - nie przymierzając - kosmici. Na naszym kontynencie był spokój, a w naszym kraju czuliśmy się szczególnie bezpiecznie, uznając, że to peryferia Zachodu. O, czyżby? Drugie dziesięciolecie obecnego wieku wytrąciło nas ze strefy komfortu. Za wschodnią granicą wybuchła regularna, choć oficjalnie niewypowiedziana wojna. Terroryści wyprowadzili się z odległego Iraku i Afganistanu, wybierając zamiast nich obiecaną ziemię Europy. Dziś już raz po raz natykamy się w internecie na cybernetyczne potyczki sterowanych sieciowych trolli. Z tsunami fake newsów coraz trudniej wyłowić rzetelne informacje... Czego naprawdę należy się bać? Czy będziemy obiektem ataku terrorystycznego? Czy polską ziemię mogą rozjechać rosyjskie czołgi? A może lepiej zamknąć oczy na politykę i zwyczajnie pilnować kursu franka, bo tym, co najbardziej zagraża naszemu bezpieczeństwu, są wahania wartości szwajcarskiej waluty? Jak żyć w świecie, który nieprędko (jeśli kiedykolwiek) znów będzie względnie bezpieczny, i nie dać się zwariować?   Co nam zagraża? Jak żyć bezpiecznie w sieciowej rzeczywistości? Jaka jest hierarchia potrzeb człowieka w świecie ciągłej niepewności? Odpowiedź na te fundamentalne pytania stanowi treść bogatej w fakty i przemyślenia książki Pauliny i Romana Polko. Napisana barwnym językiem, w sposób niezwykle przystępny tłumaczy czytelnikowi zawiłości i fenomeny współczesnego świata: konsekwencje migracji, terroryzmu, globalnego ocieplenia; zagadnienia wojen informacyjnych i cyberbezpieczeństwa, rywalizacji o zasoby i surowce naturalne. Nie zapomina przy tym o wyzwaniach bardziej tradycyjnych, związanych z konfliktami zbrojnymi i ekspansją terytorialną, współzawodnictwem ekonomicznym czy też przesuwaniem się ciężkości świata w kierunku Dalekiego Wschodu. Ciekawa, barwna i pełna szczegółów opowieść o bezpieczeństwie Polski i świata w XXI wieku. Nieszablonowa, obalająca stereotypy i polityczne mistyfikacje; pozwalająca zrozumieć wyzwania przyszłości, a nie rozpamiętywać przeszłe konflikty. Lektura obowiązkowa nie tylko dla zainteresowanych sprawami międzynarodowymi w naszym kraju. Aleksander Kwaśniewski, Prezydent RP w latach 1995-2005  

Building a Cyber Resilient Business. A cyber handbook for executives and boards

Dr. Magda Lilia Chelly, Shamane Tan, Hai Tran

With cyberattacks on the rise, it has become essential for C-suite executives and board members to step up and collectively recognize cyber risk as a top priority business risk. However, non-cyber executives find it challenging to understand their role in increasing the business’s cyber resilience due to its complex nature and the lack of a clear return on investment.This audiobook demystifies the perception that cybersecurity is a technical problem, drawing parallels between the key responsibilities of the C-suite roles to line up with the mission of the Chief Information Security Officer (CISO).The audiobook equips you with all you need to know about cyber risks to run the business effectively. Each chapter provides a holistic overview of the dynamic priorities of the C-suite (from the CFO to the CIO, COO, CRO, and so on), and unpacks how cybersecurity must be embedded in every business function. The audiobook also contains self-assessment questions, which are a helpful tool in evaluating any major cybersecurity initiatives and/or investment required.With this audiobook, you’ll have a deeper appreciation of the various ways all executives can contribute to the organization’s cyber program, in close collaboration with the CISO and the security team, and achieve a cyber-resilient, profitable, and sustainable business.

Cloud Auditing Best Practices. Perform Security and IT Audits across AWS, Azure, and GCP by building effective cloud auditing plans

Shinesa Cambric, Michael Ratemo

As more and more companies are moving to cloud and multi-cloud environments, being able to assess the compliance of these environments properly is becoming more important. But in this fast-moving domain, getting the most up-to-date information is a challenge—so where do you turn?Cloud Auditing Best Practices has all the information you’ll need. With an explanation of the fundamental concepts and hands-on walk-throughs of the three big cloud players, this audiobook will get you up to speed with cloud auditing before you know it.After a quick introduction to cloud architecture and an understanding of the importance of performing cloud control assessments, you’ll quickly get to grips with navigating AWS, Azure, and GCP cloud environments. As you explore the vital role an IT auditor plays in any company’s network, you'll learn how to successfully build cloud IT auditing programs, including using standard tools such as Terraform, Azure Automation, AWS Policy Sentry, and many more.You’ll also get plenty of tips and tricks for preparing an effective and advanced audit and understanding how to monitor and assess cloud environments using standard tools.By the end of this audiobook, you will be able to confidently apply and assess security controls for AWS, Azure, and GCP, allowing you to independently and effectively confirm compliance in the cloud.

Cloud Identity Patterns and Strategies. Design enterprise cloud identity models with OAuth 2.0 and Azure Active Directory

Giuseppe Di Federico, Fabrizio Barcaroli

Identity is paramount for every architecture design, making it crucial for enterprise and solutions architects to understand the benefits and pitfalls of implementing identity patterns. However, information on cloud identity patterns is generally scattered across different sources and rarely approached from an architect’s perspective, and this is what Cloud Identity Patterns and Strategies aims to solve, empowering solutions architects to take an active part in implementing identity solutions.Throughout this audiobook, you’ll cover various theoretical topics along with practical examples that follow the implementation of a standard de facto identity provider (IdP) in an enterprise, such as Azure Active Directory. As you progress through the chapters, you’ll explore the different factors that contribute to an enterprise's current status quo around identities and harness modern authentication approaches to meet specific requirements of an enterprise. You’ll also be able to make sense of how modern application designs are impacted by the company’s choices and move on to recognize how a healthy organization tackles identity and critical tasks that the development teams pivot on.By the end of this audiobook, you’ll be able to breeze through creating portable, robust, and reliable applications that can interact with each other.

CompTIA CASP+ CAS-004 Certification Guide. Develop CASP+ skills and learn all the key topics needed to prepare for the certification exam

Mark Birch

CompTIA Advanced Security Practitioner (CASP+) ensures that security practitioners stay on top of the ever-changing security landscape. The CompTIA CASP+ CAS-004 Certification Guide offers complete, up-to-date coverage of the CompTIA CAS-004 exam so you can take it with confidence, fully equipped to pass on the first attempt.Written in a clear, succinct way with self-assessment questions, exam tips, and mock exams with detailed explanations, this audiobook covers security architecture, security operations, security engineering, cryptography, governance, risk, and compliance. You'll begin by developing the skills to architect, engineer, integrate, and implement secure solutions across complex environments to support a resilient enterprise. Moving on, you'll discover how to monitor and detect security incidents, implement incident response, and use automation to proactively support ongoing security operations. The audiobook also shows you how to apply security practices in the cloud, on-premises, to endpoints, and to mobile infrastructure. Finally, you'll understand the impact of governance, risk, and compliance requirements throughout the enterprise.By the end of this CASP study guide, you'll have covered everything you need to pass the CompTIA CASP+ CAS-004 certification exam and have a handy reference guide.

Cyber Warfare - Truth, Tactics, and Strategies. Strategic concepts and truths to help you and your organization survive on the battleground of cyber warfare

Dr. Chase Cunningham

The era of cyber warfare is now upon us. What we do now and how we determine what we will do in the future is the difference between whether our businesses live or die and whether our digital self survives the digital battlefield. Cyber Warfare – Truth, Tactics, and Strategies takes you on a journey through the myriad of cyber attacks and threats that are present in a world powered by AI, big data, autonomous vehicles, drones video, and social media.Dr. Chase Cunningham uses his military background to provide you with a unique perspective on cyber security and warfare. Moving away from a reactive stance to one that is forward-looking, he aims to prepare people and organizations to better defend themselves in a world where there are no borders or perimeters. He demonstrates how the cyber landscape is growing infinitely more complex and is continuously evolving at the speed of light.The audiobook not only covers cyber warfare, but it also looks at the political, cultural, and geographical influences that pertain to these attack methods and helps you understand the motivation and impacts that are likely in each scenario.Cyber Warfare – Truth, Tactics, and Strategies is as real-life and up-to-date as cyber can possibly be, with examples of actual attacks and defense techniques, tools. and strategies presented for you to learn how to think about defending your own systems and data.