Inne
Ochrona danych osobowych w służbach mundurowych
Janusz Becker
W książce omówiono zagadnienia dotyczące ochrony danych osobowych w różnych służbach mundurowych. Pozycja skierowana jest do wykładowców i studentów szkół wyższych o kierunku bezpieczeństwo wewnętrzne. Będzie również przydatna dla wszystkich osób zainteresowanych tematyką ochrony danych osobowych.
Ochrona informacji i systemów teleinformatycznych w cyberprzestrzeni
Jakub Kowalewski, Marian Kowalewski
W skrypcie omówiono zagrożenia informacji i systemów teleinformatycznych, takich jak oprogramowanie złośliwe, cyberprzestępstwa i cyberterroryzm. Zaprezentowano różnorodne metody ochrony informacji przed zagrożeniami w cyberprzestrzeni, dzieląc je na metody administracyjno-organizacyjne, prawne i normalizacyjne, techniczne oraz fizyczne. Omówiono systemy monitorowania i reagowania na zagrożenia w cyberprzestrzeni, działania edukacyjne w zakresie bezpieczeństwa informacji i systemów teleinformatycznych oraz podstawy prawne ich ochrony. Przytoczono także informacje dotyczące zarządzania bezpieczeństwem organizacji.
Dr. Ahmad MK Nasser, Dr. Dennis Kengo...
Offensive Automotive Cybersecurity is your practical guide to understanding how modern automotive vulnerabilities are exploited—so you can build resilient defenses against proven attack methods.As vehicles evolve into software-defined systems, their expanding attack surface increases exposure to sophisticated threats. This book examines the entire connected vehicle ecosystem—from cloud backends and wireless protocols to in-vehicle networks, HPCs, ECUs, and physical sensors—through an offensive security lens.Through a blend of theory and reviewing practical examples, you will learn to execute the full penetration testing lifecycle, encompassing active and passive reconnaissance, firmware reverse engineering, and the construction of complex attack chains. The book provides hands-on insights into exploiting memory corruption bugs in HPCs, abusing diagnostic protocols, and leveraging hardware-level vulnerabilities such as fault injection and side-channel leakage. These techniques are brought to life through detailed real-world case studies, including remote takeovers and exploits of well-known vehicle platforms.By the end of this book, you’ll be able to think like an adversary, uncover hidden risks before attackers do, apply secure-by-design principles, and implement layered defenses to reduce exploitable weaknesses.
Kyle Wilhoit, Joseph Opacki
We’re living in an era where cyber threat intelligence is becoming more important. Cyber threat intelligence routinely informs tactical and strategic decision-making throughout organizational operations. However, finding the right resources on the fundamentals of operationalizing a threat intelligence function can be challenging, and that’s where this book helps.In Operationalizing Threat Intelligence, you’ll explore cyber threat intelligence in five fundamental areas: defining threat intelligence, developing threat intelligence, collecting threat intelligence, enrichment and analysis, and finally production of threat intelligence. You’ll start by finding out what threat intelligence is and where it can be applied. Next, you’ll discover techniques for performing cyber threat intelligence collection and analysis using open source tools. The book also examines commonly used frameworks and policies as well as fundamental operational security concepts. Later, you’ll focus on enriching and analyzing threat intelligence through pivoting and threat hunting. Finally, you’ll examine detailed mechanisms for the production of intelligence.By the end of this book, you’ll be equipped with the right tools and understand what it takes to operationalize your own threat intelligence function, from collection to production.
Adrian Neagu
For almost all organizations, data security is a matter of prestige and credibility. The Oracle Database is one of the most rich in features and probably the most used Database in a variety of industries where security is essential. To ensure security of data both in transit and on the disk, Oracle has implemented the security technologies to achieve a reliable and solid system. In Oracle 11g Anti-Hacker's Cookbook, you will learn about the most important solutions that can be used for better database security.Oracle 11g Anti-hacker's Cookbook covers all the important security measures and includes various tips and tricks to protect your Oracle Database.Oracle 11g Anti-hacker's Cookbook uses real-world scenarios to show you how to secure the Oracle Database server from different perspectives and against different attack scenarios. Almost every chapter has a possible threads section, which describes the major dangers that can be confronted. The initial chapters cover how to defend the operating system, the network, the data and the users. The defense scenarios are linked and designed to prevent these attacks. The later chapters cover Oracle Vault, Oracle VPD, Oracle Labels, and Oracle Audit. Finally, in the Appendices, the book demonstrates how to perform a security assessment against the operating system and the database, and how to use a DAM tool for monitoring.
Maja Veselica & Zoran Pavlovic, Zoran Pavlovic,...
Businesses around the world are paying much greater attention toward database security than they ever have before. Not only does the current regulatory environment require tight security, particularly when dealing with sensitive and personal data, data is also arguably a company’s most valuable asset - why wouldn’t you want to protect it in a secure and reliable database? Oracle Database lets you do exactly that. It’s why it is one of the world’s leading databases – with a rich portfolio of features to protect data from contemporary vulnerabilities, it’s the go-to database for many organizations. Oracle Database 12c Security Cookbook helps DBAs, developers, and architects to better understand database security challenges. Let it guide you through the process of implementing appropriate security mechanisms, helping you to ensure you are taking proactive steps to keep your data safe. Featuring solutions for common security problems in the new Oracle Database 12c, with this book you can be confident about securing your database from a range of different threats and problems.
PCI DSS Version 4.0.1. A guide to the payment card industry data security standard
IT Governance Publishing, Stephen Hancock
This book provides an essential resource for anyone involved in managing or ensuring PCI DSS compliance. It begins by introducing the Payment Card Industry Data Security Standard (PCI DSS), explaining its importance, and the regulatory framework that governs it. Readers will understand how to assess their organization’s compliance status and the vital steps to avoid data breaches. The book offers a comprehensive exploration of compliance programs and how organizations can design their own effective strategies.The text then dives into the specifics of PCI DSS, focusing on its core components and requirements. Key chapters describe how to comply with and maintain compliance, as well as how to use tools like the PCI self-assessment questionnaire (SAQ). Real-world case studies of cardholder data breaches highlight the consequences of non-compliance. Readers will also learn about the integration of PCI DSS with other standards like ISO/IEC 27001.Throughout, this guide emphasizes practical advice for implementing key security frameworks such as the Software Security Framework (SSF) and Point-to-Point Encryption (P2PE). By the end of the book, readers will have a clear roadmap to not only meet but sustain PCI DSS compliance and strengthen their organization's data security practices.
Penetration Testing: A Survival Guide. A Survival Guide
Wolf Halton, Bo Weaver, Srinivasa Rao Kotipalli,...
The need for penetration testers has grown well over what the IT industry ever anticipated. Running just a vulnerability scanner is no longer an effective method to determine whether a business is truly secure. This learning path will help you develop the most effective penetration testing skills to protect your Windows, web applications, and Android devices. The first module focuses on the Windows platform, which is one of the most common OSes, and managing its security spawned the discipline of IT security. Kali Linux is the premier platform for testing and maintaining Windows security. Employs the most advanced tools and techniques to reproduce the methods used by sophisticated hackers. In this module first,you’ll be introduced to Kali's top ten tools and other useful reporting tools. Then, you will find your way around your target network and determine known vulnerabilities so you can exploit a system remotely. You’ll not only learn to penetrate in the machine, but will also learn to work with Windows privilege escalations.The second module will help you get to grips with the tools used in Kali Linux 2.0 that relate to web application hacking. You will get to know about scripting and input validation flaws, AJAX, and security issues related to AJAX. You will also use an automated technique called fuzzing so you can identify flaws in a web application. Finally, you’ll understand the web application vulnerabilities and the ways they can be exploited.In the last module, you’ll get started with Android security. Android, being the platform with the largest consumer base, is the obvious primary target for attackers. You’ll begin this journey with the absolute basics and will then slowly gear up to the concepts of Android rooting, application security assessments, malware, infecting APK files, and fuzzing. You’ll gain the skills necessary to perform Android application vulnerability assessments and to create an Android pentesting lab.This Learning Path is a blend of content from the following Packt products:• Kali Linux 2: Windows Penetration Testing by Wolf Halton and Bo Weaver• Web Penetration Testing with Kali Linux, Second Edition by Juned Ahmed Ansari• Hacking Android by Srinivasa Rao Kotipalli and Mohammed A. Imran