Bezpieczeństwo systemów
Defensive Security with Kali Purple. Cybersecurity strategies using ELK Stack and Kali Linux
Karl Lane
Defensive Security with Kali Purple combines red team tools from the Kali Linux OS and blue team tools commonly found within a security operations center (SOC) for an all-in-one approach to cybersecurity. This book takes you from an overview of today's cybersecurity services and their evolution to building a solid understanding of how Kali Purple can enhance training and support proof-of-concept scenarios for your technicians and analysts.After getting to grips with the basics, you’ll learn how to develop a cyber defense system for Small Office Home Office (SOHO ) services. This is demonstrated through the installation and configuration of supporting tools such as virtual machines, the Java SDK, Elastic, and related software. You’ll then explore Kali Purple’s compatibility with the Malcolm suite of tools, including Arkime, CyberChef, Suricata, and Zeek. As you progress, the book introduces advanced features, such as security incident response with StrangeBee’s Cortex and TheHive and threat and intelligence feeds. Finally, you’ll delve into digital forensics and explore tools for social engineering and exploit development.By the end of this book, you’ll have a clear and practical understanding of how this powerful suite of tools can be implemented in real-world scenarios.
Kamalmeet Singh, Ianculescu, Lucian-Paul Torje
Having a knowledge of design patterns enables you, as a developer, to improve your code base, promote code reuse, and make the architecture more robust. As languages evolve, new features take time to fully understand before they are adopted en masse. The mission of this book is to ease the adoption of the latest trends and provide good practices for programmers.We focus on showing you the practical aspects of smarter coding in Java. We'll start off by going over object-oriented (OOP) and functional programming (FP) paradigms, moving on to describe the most frequently used design patterns in their classical format and explain how Java’s functional programming features are changing them.You will learn to enhance implementations by mixing OOP and FP, and finally get to know about the reactive programming model, where FP and OOP are used in conjunction with a view to writing better code. Gradually, the book will show you the latest trends in architecture, moving from MVC to microservices and serverless architecture. We will finish off by highlighting the new Java features and best practices. By the end of the book, you will be able to efficiently address common problems faced while developing applications and be comfortable working on scalable and maintainable projects of any size.
DevOps Bootcamp. The fastest way to learn DevOps
Mitesh Soni
DevOps Bootcamp delivers practical learning modules in manageable chunks. Each chunk is delivered in a day, and each day is a productive one. Each day builds your competency in DevOps. You will be able to take the task you learn every day and apply it to cultivate the DevOps culture.Each chapter presents core concepts and key takeaways about a topic in DevOps and provides a series of hands-on exercises. You will not only learn the importance of basic concepts or practices of DevOps but also how to use different tools to automate application lifecycle management. We will start off by building the foundation of the DevOps concepts. On day two, we will perform Continuous Integration using Jenkins and VSTS both by configuring Maven-based JEE Web Application?. We will also integrate Jenkins and Sonar qube for Static Code Analysis. Further, on day three, we will focus on Docker containers where we will install and configure Docker and also create a Tomcat Container to deploy our Java based web application. On day four, we will create and configure the environment for application deployment in AWS and Microsoft Azure Cloud for which we will use Infrastructure as a Service and Open Source Configuration Management tool Chef. For day five, our focus would be on Continuous Delivery. We will automate application deployment in Docker container using Jenkins Plugin, AWS EC2 using Script, AWS Elastic Beanstalk using Jenkins Plugin, Microsoft Azure VM using script, and Microsoft Azure App Services Using Jenkins. We will also configure Continuous Delivery using VSTS. We will then learn the concept of Automated Testing on day six using Apache JMeter and URL-based tests in VSTS. Further, on day seven, we will explore various ways to automate application lifecycle management using orchestration. We will see how Pipeline can be created in Jenkins and VSTS, so the moment Continuous? Integration is completed successfully, Continuous Delivery will start and application will be deployed. On the final day, our focus would be on Security access to Jenkins and Monitoring of CI resources, and cloud-based resources in AWS and Microsoft Azure Platform as a Service.
DevSecOps for Azure. End-to-end supply chain security for GitHub, Azure DevOps, and the Azure cloud
David Okeyode, Joylynn Kirui, Scott Hanselman
Businesses must prioritize security, especially when working in the constantly evolving Azure cloud. However, many organizations struggle to maintain security and compliance. Attackers are increasingly targeting software development processes, making software supply chain security crucial. This includes source control systems, build systems, CI/CD platforms, and various artifacts. With the help of this book, you’ll be able to enhance security and compliance in Azure software development processes.Starting with an overview of DevOps and its relationship with Agile methodologies and cloud computing, you'll gain a solid foundation in DevSecOps principles. The book then delves into the security challenges specific to DevOps workflows and how to address them effectively. You'll learn how to implement security measures in the planning phase, including threat modeling and secure coding practices. You'll also explore pre-commit security controls, source control security, and the integration of various security tools in the build and test phases. The book covers crucial aspects of securing the release and deploy phases, focusing on artifact integrity, infrastructure as code security, and runtime protection.By the end of this book, you’ll have the knowledge and skills to implement a secure code-to-cloud process for the Azure cloud.
Gerard Johansen
Embark on a journey into the forefront of cyber defense with Digital Forensics and Incident Response, 4th Edition. This guide is your gateway to mastering the sophisticated techniques and methodologies essential for tackling today’s cyber threats. Authored by leading cybersecurity expert Gerard Johansen, this book provides an insider's look at the cutting-edge tools and innovative strategies needed to prevent, detect, and respond to digital vulnerabilities. With its focus on practical applications and up-to-date examples, it equips you with the skills to develop and refine robust digital forensic capabilities within your organizationThe fourth edition goes beyond traditional approaches by integrating the latest advancements in cloud technology and machine learning, offering a comprehensive look at how these technologies can enhance forensic practices. Dive into the nuances of deploying scalable incident response strategies, using open-source tools for effective threat hunting, and applying ML/AI to uncover and counteract emerging cyber threats. Each chapter is designed to build your proficiency in handling real-world challenges, making you indispensable in your fieldBy the end of the book, you will be well-versed in the various tasks and techniques associated with incident response.
Gerard Johansen
An understanding of how digital forensics integrates with the overall response to cybersecurity incidents is key to securing your organization’s infrastructure from attacks. This updated third edition will help you perform cutting-edge digital forensic activities and incident response with a new focus on responding to ransomware attacks.After covering the fundamentals of incident response that are critical to any information security team, you’ll explore incident response frameworks. From understanding their importance to creating a swift and effective response to security incidents, the book will guide you using examples. Later, you’ll cover digital forensic techniques, from acquiring evidence and examining volatile memory through to hard drive examination and network-based evidence. You’ll be able to apply these techniques to the current threat of ransomware. As you progress, you’ll discover the role that threat intelligence plays in the incident response process. You’ll also learn how to prepare an incident response report that documents the findings of your analysis. Finally, in addition to various incident response activities, the book will address malware analysis and demonstrate how you can proactively use your digital forensic skills in threat hunting.By the end of this book, you’ll be able to investigate and report unwanted security breaches and incidents in your organization.
Docker and Kubernetes for Java Developers. Scale, deploy, and monitor multi-container applications
Jaroslaw Krochmalski, Jarosław Krochmalski
Imagine creating and testing Java EE applications on Apache Tomcat Server or Wildfly Application server in minutes along with deploying and managing Java applications swiftly. Sounds too good to be true? But you have a reason to cheer as such scenarios are only possible by leveraging Docker and Kubernetes.This book will start by introducing Docker and delve deep into its networking and persistent storage concepts. You will then proceed to learn how to refactor monolith application into separate services by building an application and then packaging it into Docker containers. Next, you will create an image containing Java Enterprise Application and later run it using Docker. Moving on, the book will focus on Kubernetes and its features and you will learn to deploy a Java application to Kubernetes using Maven and monitor a Java application in production. By the end of the book, you will get hands-on with some more advanced topics to further extend your knowledge about Docker and Kubernetes.
Docker Quick Start Guide. Learn Docker like a boss, and finally own your applications
Earl Waud
Docker is an open source software platform that helps you with creating, deploying, and running your applications using containers. This book is your ideal introduction to Docker and containerization.You will learn how to set up a Docker development environment on a Linux, Mac, or Windows workstation, and learn your way around all the commands to run and manage your Docker images and containers.You will explore the Dockerfile and learn how to build your own enterprise-grade Docker images. Then you will learn about Docker networks, Docker swarm, and Docker volumes, and how to use these features with Docker stacks in order to define, deploy, and maintain highly-scalable, fault-tolerant multi-container applications.Finally, you will learn how to leverage Docker with Jenkins to automate the building of Docker images and the deployment of Docker containers. By the end of this book, you will be well prepared when it comes to using Docker for your next project.