Bezpieczeństwo systemów
W kategorii Bezpieczeństwo systemów zebrano książki, które pomogą zabezpieczyć Wasze prywatne lub firmowe komputery przed programami szpiegującymi, atakami hakerów czy wirusami. Poznacie procedury i normy związane z profesjonalną ochroną informacji oraz procedury przeprowadzenia audytu bezpieczeństwa. Opanujecie zaawansowane techniki zapewniające bezpieczeństwo komputerów, niezależnie jaki system operacyjny został na nich zainstalowany. Jeżeli jesteście twórcami oprogramowania, to znajdziecie tutaj informacje jak skutecznie zabezpieczyć własne aplikacje przed crackerami i hackerami, oraz jak tworzyć bezpieczne w użytkowaniu programy czy aplikacje sieciowe.
Viktor Farcic
Building on The DevOps 2.0 Toolkit, The DevOps 2.1 Toolkit: Docker Swarm, and The DevOps 2.2 Toolkit: Self-Sufficient Docker Clusters, Viktor Farcic brings his latest exploration of the DevOps Toolkit as he takes you on a journey to explore the features of Kubernetes.The DevOps 2.3 Toolkit: Kubernetes is a book in the series that helps you build a full DevOps Toolkit. This book in the series looks at Kubernetes, the tool designed to, among other roles, make it easier in the creation and deployment of highly available and fault-tolerant applications at scale, with zero downtime.Within this book, Viktor will cover a wide range of emerging topics, including what exactly Kubernetes is, how to use both first and third-party add-ons for projects, and how to get the skills to be able to call yourself a “Kubernetes ninja.” Work with Viktor and dive into the creation and exploration of Kubernetes with a series of hands-on guides.
Chad Maurice, Jeremy Thompson, William Copeland, Anthony...
Threat hunting is a concept that takes traditional cyber defense and spins it onto its head. It moves the bar for network defenses beyond looking at the known threats and allows a team to pursue adversaries that are attacking in novel ways that have not previously been seen. To successfully track down and remove these advanced attackers, a solid understanding of the foundational concepts and requirements of the threat hunting framework is needed. Moreover, to confidently employ threat hunting in a business landscape, the same team will need to be able to customize that framework to fit a customer’s particular use case.This book breaks down the fundamental pieces of a threat hunting team, the stages of a hunt, and the process that needs to be followed through planning, execution, and recovery. It will take you through the process of threat hunting, starting from understanding cybersecurity basics through to the in-depth requirements of building a mature hunting capability. This is provided through written instructions as well as multiple story-driven scenarios that show the correct (and incorrect) way to effectively conduct a threat hunt.By the end of this cyber threat hunting book, you’ll be able to identify the processes of handicapping an immature cyber threat hunt team and systematically progress the hunting capabilities to maturity.
The Modern C# Challenge. Become an expert C# programmer by solving interesting programming problems
Rod Stephens
C# is a multi-paradigm programming language. The Modern C# Challenge covers with aspects of the .NET Framework such as the Task Parallel Library (TPL) and CryptoAPI. It also encourages you to explore important programming trade-offs such as time versus space or simplicity. There may be many ways to solve a problem and there is often no single right way, but some solutions are definitely better than others. This book has combined these solutions to help you solve real-world problems with C#.In addition to describing programming trade-offs, The Modern C# Challenge will help you build a useful toolkit of techniques such as value caching, statistical analysis, and geometric algorithms.By the end of this book, you will have walked through challenges in C# and explored the .NET Framework in order to develop program logic for real-world applications.
The OSINT Handbook. A practical guide to gathering and analyzing online information
Dale Meredith, Greg Shields
The OSINT Handbook offers practical guidance and insights to enhance your OSINT capabilities and counter the surge in online threats that this powerful toolset was built to tackle. Starting with an introduction to the concept of OSINT, this book will take you through all the applications, as well as the legal and ethical considerations associated with OSINT research. You'll conquer essential techniques for gathering and analyzing information using search engines, social media platforms, and other web-based resources. As you advance, you’ll get to grips with anonymity and techniques for secure browsing, managing digital footprints, and creating online personas. You'll also gain hands-on experience with popular OSINT tools such as Recon-ng, Maltego, Shodan, and Aircrack-ng, and leverage OSINT to mitigate cyber risks with expert strategies that enhance threat intelligence efforts. Real-world case studies will illustrate the role of OSINT in anticipating, preventing, and responding to cyber threats. By the end of this book, you'll be equipped with both the knowledge and tools to confidently navigate the digital landscape and unlock the power of information using OSINT.*Email sign-up and proof of purchase required
The Ransomware Threat Landscape. Prepare for, recognise and survive ransomware attacks
IT Governance Publishing, Alan Calder
The Ransomware Threat Landscape offers an in-depth examination of ransomware, explaining how it works, its modes of access, and the consequences of attacks. The book begins by detailing the mechanisms of ransomware, how cybercriminals exploit vulnerabilities, and the damage it causes to organizations. It further explores the types of ransomware, their infection methods, and how attackers use ransomware for financial gain.The guide provides practical, actionable advice on basic and advanced cybersecurity measures to protect against ransomware. Topics like cybersecurity hygiene, staff awareness, and the importance of creating an anti-ransomware program are covered. The book emphasizes the role of a well-structured risk management framework and its application in preventing attacks and mitigating fallout from infections.For organizations of all sizes, the book offers tailored controls to strengthen defenses. It also explains the steps needed for a comprehensive recovery plan. Advanced prevention strategies for larger enterprises are discussed, making this guide suitable for IT professionals, security experts, and organizational leaders aiming to protect their systems from ransomware threats.
IT Governance Publishing, Richard Bingley
Becoming a successful security consultant requires a unique set of skills that span both the business and security worlds. This handbook serves as a practical guide to help professionals navigate the complex landscape of security consulting. It covers everything from the entrepreneurial aspects of starting a business to the essential security disciplines like private investigations, information security, and protective security. You’ll also explore the growing importance of resilience in both personal and organizational contexts.The book also delves into the crucial elements of security legislation and regulation, offering a thorough understanding of the legal frameworks that affect security professionals. From UK human rights laws to international laws related to corporate management and conflict, readers will gain the knowledge necessary to operate securely and legally in a variety of environments. Whether you are just starting out or looking to refine your security consulting expertise, this handbook provides the insights needed to thrive in the ever-evolving security industry. It’s a must-read for anyone seeking to build a reputation as a trusted expert in the security consulting field.
Glen D. Singh
Journey into the world of Kali Linux – the central hub for advanced penetration testing, with this ultimate guide to exposing security vulnerabilities in websites and both wired and wireless enterprise networks.With real-world scenarios, practical steps and coverage of popular tools, this third edition of the bestselling Ultimate Kali Linux Book is your fast track to learning penetration testing with Kali Linux 2024.x. As you work through the book, from preliminary penetration testing activities through performing network and website penetration testing, to exploring Active Directory and social engineering attacks, you’ll discover the range of vulnerability assessment tools in Kali Linux, building your confidence and proficiency as a penetration tester or ethical hacker.This new edition of the book features a brand new chapter on Open Source Intelligence (OSINT), as well as new labs on web applications and social engineering. Procedures for building virtual labs have also been improved, making these easier to understand and follow.Think of this book as your stepping stone into the modern world of penetration testing and ethical hacking – with the practical guidance and industry best practices the book provides, you’ll be ready to tackle real-world cybersecurity challenges head-on.*Email sign-up and proof of purchase required
Glen D. Singh
Kali Linux is the most popular and advanced penetration testing Linux distribution within the cybersecurity industry. Using Kali Linux, a cybersecurity professional will be able to discover and exploit various vulnerabilities and perform advanced penetration testing on both enterprise wired and wireless networks. This book is a comprehensive guide for those who are new to Kali Linux and penetration testing that will have you up to speed in no time. Using real-world scenarios, you’ll understand how to set up a lab and explore core penetration testing concepts. Throughout this book, you’ll focus on information gathering and even discover different vulnerability assessment tools bundled in Kali Linux. You’ll learn to discover target systems on a network, identify security flaws on devices, exploit security weaknesses and gain access to networks, set up Command and Control (C2) operations, and perform web application penetration testing. In this updated second edition, you’ll be able to compromise Active Directory and exploit enterprise networks. Finally, this book covers best practices for performing complex web penetration testing techniques in a highly secured environment. By the end of this Kali Linux book, you’ll have gained the skills to perform advanced penetration testing on enterprise networks using Kali Linux.
Donald A. Tevault
Dive into the world of Linux shell scripting with this hands-on guide. If you’re comfortable using the command line on Unix or Linux but haven’t fully explored Bash, this book is for you. It’s designed for programmers familiar with languages like Python, JavaScript, or PHP who want to make the most of shell scripting.This isn’t just another theory-heavy book—you’ll learn by doing. Each chapter builds on the last, taking you from shell basics to writing practical scripts that solve real-world problems. With nearly a hundred interactive labs, you’ll gain hands-on experience in automation, system administration, and troubleshooting.While Bash is the primary focus, you'll also get a look at Z Shell and PowerShell, expanding your skills and adaptability. From mastering command redirection and pipelines to writing scripts that work across different Unix-like systems, this book equips you for real-world Linux challenges.By the end, you'll be equipped to write efficient shell scripts that streamline your workflow and improve system automation.
Andrew Pease
Threat Hunting with Elastic Stack will show you how to make the best use of Elastic Security to provide optimal protection against cyber threats. With this book, security practitioners working with Kibana will be able to put their knowledge to work and detect malicious adversary activity within their contested network.You'll take a hands-on approach to learning the implementation and methodologies that will have you up and running in no time. Starting with the foundational parts of the Elastic Stack, you'll explore analytical models and how they support security response and finally leverage Elastic technology to perform defensive cyber operations.You’ll then cover threat intelligence analytical models, threat hunting concepts and methodologies, and how to leverage them in cyber operations. After you’ve mastered the basics, you’ll apply the knowledge you've gained to build and configure your own Elastic Stack, upload data, and explore that data directly as well as by using the built-in tools in the Kibana app to hunt for nefarious activities.By the end of this book, you'll be able to build an Elastic Stack for self-training or to monitor your own network and/or assets and use Kibana to monitor and hunt for adversaries within your network.
Threat Modeling Best Practices. Proven frameworks and practical techniques to secure modern systems
Derek Fisher
Threat modeling has become a cornerstone of modern cybersecurity, yet it is often overlooked, leaving security gaps that attackers can exploit. With the rise in system complexity, cloud adoption, AI-driven threats, and stricter compliance requirements, security teams need a structured approach to proactively spot and stop risks before attackers do. This book delivers exactly that, offering actionable insights for applying industry best practices and emerging technologies to secure systems. It breaks down the fundamentals of threat modeling and walks you through key frameworks and tools such as STRIDE, MITRE ATT&CK, PyTM, and Attack Paths, helping you choose the right model and create a roadmap tailored to your business. You'll learn how to use leading threat modeling tools, identify and prioritize potential threats, and integrate these practices into the software development life cycle to detect risks early. The book also examines how AI can enhance analysis and streamline security decision-making for faster, stronger defenses.By the end, you'll have everything you need to build systems that anticipate and withstand evolving threats, keeping your organization secure in an ever-changing digital landscape.*Email sign-up and proof of purchase required
Threat Modeling Gameplay with EoP. A reference manual for spotting threats in software architecture
Brett Crawley, Adam Shostack
Are you looking to navigate security risks, but want to make your learning experience fun? Here's a comprehensive guide that introduces the concept of play to protect, helping you discover the threats that could affect your software design via gameplay.Each chapter in this book covers a suit in the Elevation of Privilege (EoP) card deck (a threat category), providing example threats, references, and suggested mitigations for each card. You’ll explore the methodology for threat modeling—Spoofing, Tampering, Repudiation, Information Disclosure, and Elevation of Privilege (S.T.R.I.D.E.) with Privacy deck and the T.R.I.M. extension pack. T.R.I.M. is a framework for privacy that stands for Transfer, Retention/Removal, Inference, and Minimization. Throughout the book, you’ll learn the meanings of these terms and how they should be applied. From spotting vulnerabilities to implementing practical solutions, the chapters provide actionable strategies for fortifying the security of software systems.By the end of this book, you will be able to recognize threats, understand privacy regulations, access references for further exploration, and get familiarized with techniques to protect against these threats and minimize risks.
Dr. Paul Duplys, Dr. Roland Schmitz
TLS is the most widely used cryptographic protocol today, enabling e-commerce, online banking, and secure online communication. Written by Dr. Paul Duplys, Security, Privacy & Safety Research Lead at Bosch, and Dr. Roland Schmitz, Internet Security Professor at Stuttgart Media University, this book will help you gain a deep understanding of how and why TLS works, how past attacks on TLS were possible, and how vulnerabilities that enabled them were addressed in the latest TLS version 1.3. By exploring the inner workings of TLS, you’ll be able to configure it and use it more securely.Starting with the basic concepts, you’ll be led step by step through the world of modern cryptography, guided by the TLS protocol. As you advance, you’ll be learning about the necessary mathematical concepts from scratch. Topics such as public-key cryptography based on elliptic curves will be explained with a view on real-world applications in TLS. With easy-to-understand concepts, you’ll find out how secret keys are generated and exchanged in TLS, and how they are used to creating a secure channel between a client and a server.By the end of this book, you’ll have the knowledge to configure TLS servers securely. Moreover, you’ll have gained a deep knowledge of the cryptographic primitives that make up TLS.
Zhassulan Zhussupov
Skuteczne wzmacnianie cyberbezpieczeństwa wymaga wiedzy o sposobach działania hakerów. Żaden analityk złośliwego oprogramowania, pentester czy łowca zagrożeń nie obejdzie się bez wiedzy o budowie malware ani bez umiejętności programowania ofensywnego. Innymi słowy, jeśli chcesz poprawić bezpieczeństwo IT w swojej organizacji, musisz dobrze znać narzędzia, taktyki i techniki używane przez cyberprzestępców. Ta książka jest kompleksowym przewodnikiem po ciemnej stronie cyberbezpieczeństwa ― zapewni Ci wiedzę i umiejętności niezbędne do skutecznego zwalczania złośliwego oprogramowania. Nauczysz się poruszać wśród zawiłości związanych z tworzeniem złośliwego oprogramowania, a także dobrze poznasz techniki i strategie stosowane przez cyberprzestępców. Zdobędziesz też praktyczne doświadczenie w projektowaniu i implementowaniu popularnych rozwiązań stosowanych w prawdziwych złośliwych aplikacjach, na przykład Carbanak, Carberp, Stuxnet, Conti, Babuk i BlackCat. Nie zabrakło tu zasad etycznego hakingu i tajników budowy złośliwego oprogramowania, jak techniki unikania wykrycia, mechanizmy persystencji i wiele innych, które poznasz dzięki lekturze. W książce: sposób myślenia twórców złośliwego oprogramowania techniki stosowane w różnych rodzajach malware rekonstrukcja ataków APT metody obchodzenia mechanizmów bezpieczeństwa ponad 80 działających przykładów malware matematyczne podstawy współczesnego złośliwego oprogramowania O książce w mediach: Eksperyment myślowy ― recenzja książki
Parth Ghiya
In the last few years or so, microservices have achieved the rock star status and right now are one of the most tangible solutions in enterprises to make quick, effective, and scalable applications. The apparent rise of Typescript and long evolution from ES5 to ES6 has seen lots of big companies move to ES6 stack. If you want to learn how to leverage the power of microservices to build robust architecture using reactive programming and Typescript in Node.js, then this book is for you.Typescript Microservices is an end-to-end guide that shows you the implementation of microservices from scratch; right from starting the project to hardening and securing your services. We will begin with a brief introduction to microservices before learning to break your monolith applications into microservices. From here, you will learn reactive programming patterns and how to build APIs for microservices. The next set of topics will take you through the microservice architecture with TypeScript and communication between services. Further, you will learn to test and deploy your TypeScript microservices using the latest tools and implement continuous integration. Finally, you will learn to secure and harden your microservice.By the end of the book, you will be able to build production-ready, scalable, and maintainable microservices using Node.js and Typescript.
Ukryta tożsamość. Jak się obronić przed utratą prywatności
Tomasz Ciborski
Wymknij się podglądaczom! Totalna inwigilacja, czyli witajcie w globalnej wiosce Bezpieczeństwo w sieci i mailu, czyli sprytne sposoby chronienia prywatności Tor i kryptowaluty, czyli zaawansowane sposoby zachowania anonimowości Żyjemy w globalnej wiosce. Sieć WWW dokładnie oplotła świat - kawiarenki internetowe są w peruwiańskiej dżungli i wioskach Pigmejów, a łącza satelitarne mają nawet stacje badawcze na Antarktydzie. Wszechobecność internetu jest oczywiście szalenie wygodna… ale ma to też swoje konsekwencje. Każde Twoje wejście do sieci jest rejestrowane. Analizie poddawane są Twoje preferencje w wyborze stron, na ekranie wyświetlają Ci się dobrane do nich reklamy, a każdy w miarę sprawny haker mógłby bez trudu dotrzeć do Twoich prywatnych e-maili. Niezbyt miła perspektywa, prawda? Na szczęście istnieją sposoby ochrony swojej prywatności w sieci. Jeśli chcesz je poznać i poczuć się bezpiecznie, sięgnij po tę książkę. Znajdziesz w niej mnóstwo metod zacierania własnych śladów. Dowiesz się, jak pozostać anonimowym podczas przeglądania sieci i jak szyfrować swoje wiadomości e-mail (lub korzystać z alternatywnych metod ich przesyłania). Zorientujesz się, jak działa undergroundowy bliźniak Internetu, czyli Tor. Sprawdzisz, co można kupić za bitcoiny. Odkryjesz także, jak zapewnić bezpieczeństwo Twoim urządzeniom i nie dać wykraść sobie żadnych danych. Nie daj się złapać w sieć! Inwigilacja globalna i lokalna Naucz się otwartego oprogramowania Bezpieczne przeglądanie internetu Poczta i szyfrowanie wiadomości Bitmessage — alternatywa dla e-maili W mrokach cebulowej sieci Kryptowaluty i pieniądz wirtualny Bezpieczeństwo dysków i partycji dyskowych Bezpieczeństwo mobilne Jeszcze więcej sposobów na ochronę prywatności — komunikatory internetowe, sieci I2P i VPN Wszystko w jednym — Linux Tails Naucz się dobrze pilnować swoich danych!