Oracle Database 12c Security Cookbook. Secure your Oracle Database 12c with this valuable Oracle support resource, featuring more than 100 solutions to the challenges of protecting your data

Zoran Pavlovic, Maja Veselica

Businesses around the world are paying much greater attention toward database security than they ever have before. Not only does the current regulatory environment require tight security, particularly when dealing with sensitive and personal data, data is also arguably a company’s most valuable asset - why wouldn’t you want to protect it in a secure and reliable database? Oracle Database lets you do exactly that. It’s why it is one of the world’s leading databases – with a rich portfolio of features to protect data from contemporary vulnerabilities, it’s the go-to database for many organizations. Oracle Database 12c Security Cookbook helps DBAs, developers, and architects to better understand database security challenges. Let it guide you through the process of implementing appropriate security mechanisms, helping you to ensure you are taking proactive steps to keep your data safe. Featuring solutions for common security problems in the new Oracle Database 12c, with this book you can be confident about securing your database from a range of different threats and problems.

Penetration Testing: A Survival Guide. A Survival Guide

Wolf Halton, Bo Weaver, Juned Ahmed Ansari, Srinivasa Rao Kotipalli, ...

The need for penetration testers has grown well over what the IT industry ever anticipated. Running just a vulnerability scanner is no longer an effective method to determine whether a business is truly secure. This learning path will help you develop the most effective penetration testing skills to protect your Windows, web applications, and Android devices. The first module focuses on the Windows platform, which is one of the most common OSes, and managing its security spawned the discipline of IT security. Kali Linux is the premier platform for testing and maintaining Windows security. Employs the most advanced tools and techniques to reproduce the methods used by sophisticated hackers. In this module first,you’ll be introduced to Kali's top ten tools and other useful reporting tools. Then, you will find your way around your target network and determine known vulnerabilities so you can exploit a system remotely. You’ll not only learn to penetrate in the machine, but will also learn to work with Windows privilege escalations.The second module will help you get to grips with the tools used in Kali Linux 2.0 that relate to web application hacking. You will get to know about scripting and input validation flaws, AJAX, and security issues related to AJAX. You will also use an automated technique called fuzzing so you can identify flaws in a web application. Finally, you’ll understand the web application vulnerabilities and the ways they can be exploited.In the last module, you’ll get started with Android security. Android, being the platform with the largest consumer base, is the obvious primary target for attackers. You’ll begin this journey with the absolute basics and will then slowly gear up to the concepts of Android rooting, application security assessments, malware, infecting APK files, and fuzzing. You’ll gain the skills necessary to perform Android application vulnerability assessments and to create an Android pentesting lab.This Learning Path is a blend of content from the following Packt products:• Kali Linux 2: Windows Penetration Testing by Wolf Halton and Bo Weaver• Web Penetration Testing with Kali Linux, Second Edition by Juned Ahmed Ansari• Hacking Android by Srinivasa Rao Kotipalli and Mohammed A. Imran

Podstawy kryptografii. Wydanie III

Marcin Karbowski

Przekonaj się, jak fascynująca jest kryptografia! Poznaj historię rozwoju kryptografii Opanuj jej matematyczne podstawy Rozpracuj najważniejsze algorytmy kryptograficzne Dowiedz się, jak zastosować je w praktyce Kryptografia to dziedzina nauki, której sedno stanowią sposoby bezpiecznego przekazywania informacji. Jest ona niemal tak stara, jak nasza cywilizacja, a dziś rozwija się w sposób niezwykle dynamiczny. Gdy tylko narodziły się pierwsze metody zapisu i komunikowania się, pojawiła się też konieczność zabezpieczenia informacji przed tymi, którzy mogliby wykorzystać je na niekorzyść osób dysponujących tymi informacjami. Od bezpieczeństwa ważnych informacji zależały często losy całych państw i narodów. O rozstrzygnięciach wielkich bitew nierzadko decydowały inteligencja i determinacja pojedynczych osób, które potrafiły odpowiednio skutecznie szyfrować (bądź też deszyfrować) nadawane (lub przechwytywane) komunikaty. O tej fascynującej dziedzinie wiedzy opowiada książka Podstawy kryptografii. Wydanie III. Wprowadza ona czytelnika w podstawowe zagadnienia kryptografii bez przygniatania nadmiarem teorii i skomplikowaną matematyką. Kusi za to barwnymi opisami i pasjonującymi przykładami "kryptograficznych wojen". Można dzięki niej poznać historię rozwoju technik szyfrowania informacji, matematyczne podstawy kryptografii, stojącą za nią teorię oraz praktyczne zastosowania tej nauki. Niezależnie od tego, czy chcesz poznać kryptografię na własny użytek, czy jest Ci to potrzebne w celach zawodowych, książka ta okaże się doskonałym przewodnikiem po świecie szyfrów, kluczy i algorytmów zabezpieczających dane. Znajdziesz w niej informacje na temat protokołów SSL i SSH, a także szczegółowy opis algorytmu SHA3. Przegląd klasycznych sposobów szyfrowania Matematyczne podstawy kryptografii Praktyczne zastosowanie mechanizmów matematycznych Teoria kryptoanalizy i informacji oraz jej praktyczne wykorzystanie Przegląd protokołów kryptograficznych Klucze publiczne i prywatne Zasady zabezpieczania danych, połączeń i systemów komputerowych Potwierdzanie tożsamości za pomocą podpisów elektronicznych Zabezpieczanie stron internetowych i szyfrowanie baz danych Naucz się chronić cenne dane!

PowerShell Automation and Scripting for Cybersecurity. Hacking and defense for red and blue teamers

Miriam C. Wiesner, Tanya Janca

Take your cybersecurity skills to the next level with this comprehensive guide to PowerShell security! Whether you’re a red or blue teamer, you’ll gain a deep understanding of PowerShell’s security capabilities and how to use them. After revisiting PowerShell basics and scripting fundamentals, you’ll dive into PowerShell Remoting and remote management technologies. You’ll learn how to configure and analyze Windows event logs and understand the most important event logs and IDs to monitor your environment. You’ll dig deeper into PowerShell’s capabilities to interact with the underlying system, Active Directory and Azure AD. Additionally, you’ll explore Windows internals including APIs and WMI, and how to run PowerShell without powershell.exe. You’ll uncover authentication protocols, enumeration, credential theft, and exploitation, to help mitigate risks in your environment, along with a red and blue team cookbook for day-to-day security tasks. Finally, you’ll delve into mitigations, including Just Enough Administration, AMSI, application control, and code signing, with a focus on configuration, risks, exploitation, bypasses, and best practices. By the end of this book, you’ll have a deep understanding of how to employ PowerShell from both a red and blue team perspective.

Practical Digital Forensics. Get started with the art and science of digital forensics with this practical, hands-on guide!

Richard Boddington

Digital Forensics is a methodology which includes using various tools, techniques, and programming language. This book will get you started with digital forensics and then follow on to preparing investigation plan and preparing toolkit for investigation.In this book you will explore new and promising forensic processes and tools based on ‘disruptive technology’ that offer experienced and budding practitioners the means to regain control of their caseloads. During the course of the book, you will get to know about the technical side of digital forensics and various tools that are needed to perform digital forensics. This book will begin with giving a quick insight into the nature of digital evidence, where it is located and how it can be recovered and forensically examined to assist investigators. This book will take you through a series of chapters that look at the nature and circumstances of digital forensic examinations and explains the processes of evidence recovery and preservation from a range of digital devices, including mobile phones, and other media. This book has a range of case studies and simulations will allow you to apply the knowledge of the theory gained to real-life situations. By the end of this book you will have gained a sound insight into digital forensics and its key components.

Practical Internet of Things Security. Beat IoT security threats by strengthening your security strategy and posture against IoT vulnerabilities

Drew Van Duren, Brian Russell

With the advent of Internet of Things (IoT), businesses will be faced with defending against new types of threats. The business ecosystem now includes cloud computing infrastructure, mobile and fixed endpoints that open up new attack surfaces, a desire to share information with many stakeholders and a need to take action quickly based on large quantities of collected data. . It therefore becomes critical to ensure that cyber security threats are contained to a minimum when implementing new IoT services and solutions. . The interconnectivity of people, devices, and companies raises stakes to a new level as computing and action become even more mobile, everything becomes connected to the cloud, and infrastructure is strained to securely manage the billions of devices that will connect us all to the IoT. This book shows you how to implement cyber-security solutions, IoT design best practices and risk mitigation methodologies to address device and infrastructure threats to IoT solutions.This book will take readers on a journey that begins with understanding the IoT and how it can be applied in various industries, goes on to describe the security challenges associated with the IoT, and then provides a set of guidelines to architect and deploy a secure IoT in your Enterprise. The book will showcase how the IoT is implemented in early-adopting industries and describe how lessons can be learned and shared across diverse industries to support a secure IoT.

Practical Linux Security Cookbook. Click here to enter text

Tajinder Kalsi

With the growing popularity of Linux, more and more administrators have started moving to the system to create networks or servers for any task. This also makes Linux the first choice for any attacker now. Due to the lack of information about security-related attacks, administrators now face issues in dealing with these attackers as quickly as possible. Learning about the different types of Linux security will help create a more secure Linux system.Whether you are new to Linux administration or experienced, this book will provide you with the skills to make systems more secure.With lots of step-by-step recipes, the book starts by introducing you to various threats to Linux systems. You then get to walk through customizing the Linux kernel and securing local files. Next you will move on to manage user authentication locally and remotely and also mitigate network attacks. Finally, you will learn to patch bash vulnerability and monitor system logs for security.With several screenshots in each example, the book will supply a great learning experience and help you create more secure Linux systems.

Practical Mobile Forensics. A hands-on guide to mastering mobile forensics for the iOS, Android, and the Windows Phone platforms - Second Edition

Heather Mahalik, Rohit Tamma, Satish Bommisetty

Mobile phone forensics is the science of retrieving data from a mobile phone under forensically sound conditions. This book is an update to Practical Mobile Forensics and it delves into the concepts of mobile forensics and its importance in today's world. We will deep dive into mobile forensics techniques in iOS 8 - 9.2, Android 4.4 - 6, and Windows Phone devices. We will demonstrate the latest open source and commercial mobile forensics tools, enabling you to analyze and retrieve data effectively. You will learn how to introspect and retrieve data from cloud, and document and prepare reports for your investigations.By the end of this book, you will have mastered the current operating systems and techniques so you can recover data from mobile devices by leveraging open source solutions.