Bezpieczeństwo systemów
Tim Rains, Timothy Youngblood
Tim Rains is Microsoft's former Global Chief Security Advisor and Amazon Web Services’ former Global Security Leader for Worldwide Public Sector. He has spent the last two decades advising private and public sector organizations all over the world on cybersecurity strategies.Cybersecurity Threats, Malware Trends, and Strategies, Second Edition builds upon the success of the first edition that has helped so many aspiring CISOs, and cybersecurity professionals understand and develop effective data-driven cybersecurity strategies for their organizations. In this edition, you’ll examine long-term trends in vulnerability disclosures and exploitation, regional differences in malware infections and the socio-economic factors that underpin them, and how ransomware evolved from an obscure threat to the most feared threat in cybersecurity. You’ll also gain valuable insights into the roles that governments play in cybersecurity, including their role as threat actors, and how to mitigate government access to data. The book concludes with a deep dive into modern approaches to cybersecurity using the cloud.By the end of this book, you will have a better understanding of the threat landscape, how to recognize good Cyber Threat Intelligence, and how to measure the effectiveness of your organization's cybersecurity strategy.
Tim Rains
After scrutinizing numerous cybersecurity strategies, Microsoft’s former Global Chief Security Advisor in this book helps you understand the efficacy of popular cybersecurity strategies and more.Cybersecurity Threats, Malware Trends, and Strategies offers an unprecedented long-term view of the global threat landscape by examining the twenty-year trend in vulnerability disclosures and exploitation, nearly a decade of regional differences in malware infections, the socio-economic factors that underpin them, and how global malware has evolved. This will give you further perspectives into malware protection for your organization. It also examines internet-based threats that CISOs should be aware of.The book will provide you with an evaluation of the various cybersecurity strategies that have ultimately failed over the past twenty years, along with one or two that have actually worked. It will help executives and security and compliance professionals understand how cloud computing is a game changer for them.By the end of this book, you will know how to measure the effectiveness of your organization’s cybersecurity strategy and the efficacy of the vendors you employ to help you protect your organization and yourself.
Cybersecurity w pytaniach i odpowiedziach
Wojciech Ciemski
Co o cyberbezpieczeństwie każdy wiedzieć powinien W świecie, w którym większość naszych mniej lub bardziej wrażliwych danych przechowywana jest w sieci, cyberbezpieczeństwo powinno być tematem numer jeden. Niestety, na ogół nie jest, bo… Po prostu nie chce się nam myśleć o zastosowaniu odpowiednich zabezpieczeń. Stają się one dla nas kluczowe dopiero, kiedy ktoś się cyberwłamie i realnie skradnie coś, co było dla nas istotne: hasło do poczty e-mail, pieniądze z konta w banku, zdjęcia, które wolelibyśmy zachować dla siebie, itd. Tyle że wtedy jest już za późno. Ta książka powstała po to, by jej czytelnik zdążył wyprzedzić zagrożenie. Stanowi wprowadzenie do zagadnienia cyberbezpieczeństwa. Podzielona na kilka kluczowych części (systemy operacyjne, sieci komputerowe, aplikacje webowe, kryptografia, wreszcie cyberbezpieczeństwo jako takie), pozwala zapoznać się z najważniejszymi zagrożeniami i ze sposobami zabezpieczeń. Przybliża terminologię związaną z tematem i stanowi świetny punkt wyjścia do dalszego zgłębiania jego wybranych aspektów. Cyberniebezpieczeństwo czyha. Czy jesteś na nie przygotowany?
Shane Molinari, Jim Packer
In today's world full of online threats, the complexity of harmful software presents a significant challenge for detection and analysis. This insightful guide will teach you how to apply the principles of data science to online security, acting as both an educational resource and a practical manual for everyday use.Data Science for Malware Analysis starts by explaining the nuances of malware, from its lifecycle to its technological aspects before introducing you to the capabilities of data science in malware detection by leveraging machine learning, statistical analytics, and social network analysis. As you progress through the chapters, you’ll explore the analytical methods of reverse engineering, machine language, dynamic scrutiny, and behavioral assessments of malicious software. You’ll also develop an understanding of the evolving cybersecurity compliance landscape with regulations such as GDPR and CCPA, and gain insights into the global efforts in curbing cyber threats.By the end of this book, you’ll have a firm grasp on the modern malware lifecycle and how you can employ data science within cybersecurity to ward off new and evolving threats.
Rohan Pinto
Looking forward to mastering digital identity? This book will help you get to grips with complete frameworks, tools, and strategies for safeguarding personal data, securing online transactions, and ensuring trust in digital interactions in today's cybersecurity landscape.Decentralized Identity Explained delves into the evolution of digital identities, from their historical roots to the present landscape and future trajectories, exploring crucial concepts such as IAM, the significance of trust anchors and sources of truth, and emerging trends such as SSI and DIDs. Additionally, you’ll gain insights into the intricate relationships between trust and risk, the importance of informed consent, and the evolving role of biometrics in enhancing security within distributed identity management systems. Through detailed discussions on protocols, standards, and authentication mechanisms, this book equips you with the knowledge and tools needed to navigate the complexities of digital identity management in both current and future cybersecurity landscapes.By the end of this book, you’ll have a detailed understanding of digital identity management and best practices to implement secure and efficient digital identity frameworks, enhancing both organizational security and user experiences in the digital realm.
Colin Domoney, Chris Wysopal, Isabelle Mauny
Along with the exponential growth of API adoption comes a rise in security concerns about their implementation and inherent vulnerabilities. For those seeking comprehensive insights into building, deploying, and managing APIs as the first line of cyber defense, this book offers invaluable guidance. Written by a seasoned DevSecOps expert, Defending APIs addresses the imperative task of API security with innovative approaches and techniques designed to combat API-specific safety challenges.The initial chapters are dedicated to API building blocks, hacking APIs by exploiting vulnerabilities, and case studies of recent breaches, while the subsequent sections of the book focus on building the skills necessary for securing APIs in real-world scenarios.Guided by clear step-by-step instructions, you’ll explore offensive techniques for testing vulnerabilities, attacking, and exploiting APIs. Transitioning to defensive techniques, the book equips you with effective methods to guard against common attacks. There are plenty of case studies peppered throughout the book to help you apply the techniques you’re learning in practice, complemented by in-depth insights and a wealth of best practices for building better APIs from the ground up.By the end of this book, you’ll have the expertise to develop secure APIs and test them against various cyber threats targeting APIs.
Defensive Security with Kali Purple. Cybersecurity strategies using ELK Stack and Kali Linux
Karl Lane
Defensive Security with Kali Purple combines red team tools from the Kali Linux OS and blue team tools commonly found within a security operations center (SOC) for an all-in-one approach to cybersecurity. This book takes you from an overview of today's cybersecurity services and their evolution to building a solid understanding of how Kali Purple can enhance training and support proof-of-concept scenarios for your technicians and analysts.After getting to grips with the basics, you’ll learn how to develop a cyber defense system for Small Office Home Office (SOHO ) services. This is demonstrated through the installation and configuration of supporting tools such as virtual machines, the Java SDK, Elastic, and related software. You’ll then explore Kali Purple’s compatibility with the Malcolm suite of tools, including Arkime, CyberChef, Suricata, and Zeek. As you progress, the book introduces advanced features, such as security incident response with StrangeBee’s Cortex and TheHive and threat and intelligence feeds. Finally, you’ll delve into digital forensics and explore tools for social engineering and exploit development.By the end of this book, you’ll have a clear and practical understanding of how this powerful suite of tools can be implemented in real-world scenarios.
Kamalmeet Singh, Ianculescu, Lucian-Paul Torje
Having a knowledge of design patterns enables you, as a developer, to improve your code base, promote code reuse, and make the architecture more robust. As languages evolve, new features take time to fully understand before they are adopted en masse. The mission of this book is to ease the adoption of the latest trends and provide good practices for programmers.We focus on showing you the practical aspects of smarter coding in Java. We'll start off by going over object-oriented (OOP) and functional programming (FP) paradigms, moving on to describe the most frequently used design patterns in their classical format and explain how Java’s functional programming features are changing them.You will learn to enhance implementations by mixing OOP and FP, and finally get to know about the reactive programming model, where FP and OOP are used in conjunction with a view to writing better code. Gradually, the book will show you the latest trends in architecture, moving from MVC to microservices and serverless architecture. We will finish off by highlighting the new Java features and best practices. By the end of the book, you will be able to efficiently address common problems faced while developing applications and be comfortable working on scalable and maintainable projects of any size.