Bezpieczeństwo sieci
Bezpieczeństwo sieci komputerowych jest aktualnie ważnym, lecz coraz bardziej skomplikowanym zagadnieniem. Książki zebrane w tej kategorii przedstawiają praktycznie wszystkie jego aspekty. Nauczycie się implementacji bezpiecznych połączeń z wykorzystaniem szeregu różnych protokołów sieciowych, a także wykorzystywać protokół SSH do pracy na zdalnych systemach.
Opanujecie ponadto umiejętność konfiguracji tuneli VPN z wykorzystaniem protokołów SSL i IPSec. Dzięki wiedzy zawartej w tym dziale, nauczycie się skutecznie bronić przed włamaniami, atakami DDoS czy działaniom typu IP-spoofing.
Jason Brown
Ransomware, phishing, and data breaches are major concerns affecting all organizations as a new cyber threat seems to emerge every day, making it paramount to protect the security of your organization and be prepared for potential cyberattacks. This book will ensure that you can build a reliable cybersecurity framework to keep your organization safe from cyberattacks.This Executive’s Cybersecurity Program Handbook explains the importance of executive buy-in, mission, and vision statement of the main pillars of security program (governance, defence, people and innovation). You’ll explore the different types of cybersecurity frameworks, how they differ from one another, and how to pick the right framework to minimize cyber risk. As you advance, you’ll perform an assessment against the NIST Cybersecurity Framework, which will help you evaluate threats to your organization by identifying both internal and external vulnerabilities. Toward the end, you’ll learn the importance of standard cybersecurity policies, along with concepts of governance, risk, and compliance, and become well-equipped to build an effective incident response team.By the end of this book, you’ll have gained a thorough understanding of how to build your security program from scratch as well as the importance of implementing administrative and technical security controls.
Carey Parker
Internet jest obecny w większości obszarów naszego życia. To już nie tylko korzystanie ze stron internetowych, ale także bankowość, zakupy w sieci czy podtrzymywanie relacji z rodziną i ze znajomymi. Oznacza to, że niemal cały czas Twoje bezpieczeństwo, pieniądze i prywatność są narażone na ataki. Aby skutecznie chronić siebie i swoich bliskich, musisz zdobyć pewne minimum wiedzy. Nie sposób obronić się przed naprawdę zdeterminowanym hakerem, ale ochrona przed pospolitymi włamaniami czy masową inwigilacją jest jak najbardziej możliwa, i to z wykorzystaniem prostych narzędzi. Trzeba tylko wiedzieć, jak się do tego zabrać! To przystępny i kompleksowy przewodnik po zagadnieniach bezpieczeństwa, skierowany do osób, które nie znają się na komputerach i informatyce. Kwestie cyberbezpieczeństwa przedstawiono tu krok po kroku, z minimalnym użyciem specjalistycznego języka. Opisano dziesiątki całkiem prostych sposobów pozwalających każdemu zabezpieczyć swoje urządzenia i dane. Książka została napisana tak, aby maksymalnie uprościć zarządzanie Twoim bezpieczeństwem w sieci. W każdym rozdziale znalazła się kompletna lista kontrolna ze szczegółowymi instrukcjami i rysunkami. Najważniejsze zagadnienia: zarządzanie hasłami dostępu blokowanie inwigilacji i śledzenia w internecie bezpieczne korzystanie z bankowości, ze sklepów i z serwisów społecznościowych bezpieczeństwo smartfona, tabletu i domowej sieci ochrona dzieci korzystających z internetu Nie musisz być informatykiem, by pamiętać o bezpieczeństwie!
Rosato Fabbri, Fabrizio Volpe
FortiGate from Fortinet is a highly successful family of appliances enabled to manage routing and security on different layers, supporting dynamic protocols, IPSEC and VPN with SSL, application and user control, web contents and mail scanning, endpoint checks, and more, all in a single platform. The heart of the appliance is the FortiOS (FortiOS 5 is the latest release) which is able to unify a friendly web interface with a powerful command line to deliver high performance. FortiGate is able to give users the results they usually achieve at a fraction of the cost of what they would have to invest with other vendors.This practical, hands-on guide addresses all the tasks required to configure and manage a FortiGate unit in a logical order. The book starts with topics related to VLAN and routing (static and advanced) and then discusses in full the UTM features integrated in the appliance. The text explains SSL VPN and IPSEC VPN with all the required steps you need to deploy the aforementioned solutions. High availability and troubleshooting techniques are also explained in the last two chapters of the book.This concise, example-oriented book explores all the concepts you need to administer a FortiGate unit. You will begin by covering the basic tools required to administer a FortiGate unit, including NAT, routing, and VLANs. You will then be guided through the concepts of firewalling, UTM inside the appliance, tunnelling using SSL, and IPSEC and dial-up configurations. Next, you will get acquainted with important topics like high availability and Vdoms. Finally, you will end the book with an overview of troubleshooting tools and techniques.
Prateek Jadhwani
Web Components are a set of APIs that help you build reusable UI modules that can operate in any modern browser using just Vanilla JavaScript. The power of Web Components lies in their ability to build frontend web applications with or without web frameworks.With this practical guide, you will understand how Web Components can help you build reusable UI components for your modern web apps. The book starts by explaining the fundamentals of Web Components' design and strategies for using them in your existing frontend web projects. You will also learn how to use JavaScript libraries such as Polymer.js and Stencil.js for building practical components. As you progress, you will build a single-page application using only Web Components to fully realize their potential. This practical guide demonstrates how to work with Shadow DOM and custom elements to build the standard components of a web application. Toward the end of the book, you will learn how to integrate Web Components with standard web frameworks to help you manage large-scale web applications.By the end of this book, you will have learned about the capabilities of Web Components in building custom elements and have the necessary skills for building a reusable UI for your web applications.
Hacking and Security. The Comprehensive Guide to Penetration Testing and Cybersecurity
Rheinwerk Publishing, Inc, Michael Kofler, Klaus Gebeshuber,...
This book provides a comprehensive guide to cybersecurity, covering hacking techniques, tools, and defenses. It begins by introducing key concepts, distinguishing penetration testing from hacking, and explaining hacking tools and procedures. Early chapters focus on security fundamentals, such as attack vectors, intrusion detection, and forensic methods to secure IT systems.As the book progresses, readers explore topics like exploits, authentication, and the challenges of IPv6 security. It also examines the legal aspects of hacking, detailing laws on unauthorized access and negligent IT security. Readers are guided through installing and using Kali Linux for penetration testing, with practical examples of network scanning and exploiting vulnerabilities.Later sections cover a range of essential hacking tools, including Metasploit, OpenVAS, and Wireshark, with step-by-step instructions. The book also explores offline hacking methods, such as bypassing protections and resetting passwords, along with IT forensics techniques for analyzing digital traces and live data. Practical application is emphasized throughout, equipping readers with the skills needed to address real-world cybersecurity threats.
Carlos A. Lozano , Dhruv Shah, Riyaz...
Burp suite is a set of graphic tools focused towards penetration testing of web applications. Burp suite is widely used for web penetration testing by many security professionals for performing different web-level security tasks.The book starts by setting up the environment to begin an application penetration test. You will be able to configure the client and apply target whitelisting. You will also learn to setup and configure Android and IOS devices to work with Burp Suite. The book will explain how various features of Burp Suite can be used to detect various vulnerabilities as part of an application penetration test. Once detection is completed and the vulnerability is confirmed, you will be able to exploit a detected vulnerability using Burp Suite. The book will also covers advanced concepts like writing extensions and macros for Burp suite. Finally, you will discover various steps that are taken to identify the target, discover weaknesses in the authentication mechanism, and finally break the authentication implementation to gain access to the administrative console of the application.By the end of this book, you will be able to effectively perform end-to-end penetration testing with Burp Suite.
Alessandro Parisi
Today's organizations spend billions of dollars globally on cybersecurity. Artificial intelligence has emerged as a great solution for building smarter and safer security systems that allow you to predict and detect suspicious network activity, such as phishing or unauthorized intrusions.This cybersecurity book presents and demonstrates popular and successful AI approaches and models that you can adapt to detect potential attacks and protect your corporate systems. You'll learn about the role of machine learning and neural networks, as well as deep learning in cybersecurity, and you'll also learn how you can infuse AI capabilities into building smart defensive mechanisms. As you advance, you'll be able to apply these strategies across a variety of applications, including spam filters, network intrusion detection, botnet detection, and secure authentication.By the end of this book, you'll be ready to develop intelligent systems that can detect unusual and suspicious patterns and attacks, thereby developing strong network security defenses using AI.
Himanshu Sharma, Joe Marshall
Bug bounties have quickly become a critical part of the security economy. This book shows you how technical professionals with an interest in security can begin productively—and profitably—participating in bug bounty programs.You will learn about SQli, NoSQLi, XSS, XXE, and other forms of code injection. You’ll see how to create CSRF PoC HTML snippets, how to discover hidden content (and what to do with it once it’s found), and how to create the tools for automated pentesting work?ows.Then, you’ll format all of this information within the context of a bug report that will have the greatest chance of earning you cash. With detailed walkthroughs that cover discovering, testing, and reporting vulnerabilities, this book is ideal for aspiring security professionals. You should come away from this work with the skills you need to not only find the bugs you're looking for, but also the best bug bounty programs to participate in, and how to grow your skills moving forward in freelance security research.
Hands-On Cryptography with Python. Leverage the power of Python to encrypt and decrypt data
Samuel Bowne
Cryptography is essential for protecting sensitive information, but it is often performed inadequately or incorrectly. Hands-On Cryptography with Python starts by showing you how to encrypt and evaluate your data. The book will then walk you through various data encryption methods,such as obfuscation, hashing, and strong encryption, and will show how you can attack cryptographic systems. You will learn how to create hashes, crack them, and will understand why they are so different from each other. In the concluding chapters, you will use three NIST-recommended systems: the Advanced Encryption Standard (AES), the Secure Hash Algorithm (SHA), and the Rivest-Shamir-Adleman (RSA). By the end of this book, you will be able to deal with common errors in encryption.
Rajneesh Gupta
Blockchain technology is being welcomed as one of the most revolutionary and impactful innovations of today. Blockchain technology was first identified in the world’s most popular digital currency, Bitcoin, but has now changed the outlook of several organizations and empowered them to use it even for storage and transfer of value.This book will start by introducing you to the common cyberthreat landscape and common attacks such as malware, phishing, insider threats, and DDoS. The next set of chapters will help you to understand the workings of Blockchain technology, Ethereum and Hyperledger architecture and how they fit into the cybersecurity ecosystem. These chapters will also help you to write your first distributed application on Ethereum Blockchain and the Hyperledger Fabric framework. Later, you will learn about the security triad and its adaptation with Blockchain. The last set of chapters will take you through the core concepts of cybersecurity, such as DDoS protection, PKI-based identity, 2FA, and DNS security. You will learn how Blockchain plays a crucial role in transforming cybersecurity solutions.Toward the end of the book, you will also encounter some real-world deployment examples of Blockchain in security cases, and also understand the short-term challenges and future of cybersecurity with Blockchain.
Hands-On Ethical Hacking Tactics. Strategies, tools, and techniques for effective cyber defense
Shane Hartman, Ken Dunham
If you’re an ethical hacker looking to boost your digital defenses and stay up to date with the evolving cybersecurity landscape, then this book is for you. Hands-On Ethical Hacking Tactics is a comprehensive guide that will take you from fundamental to advanced levels of ethical hacking, offering insights into both offensive and defensive techniques. Written by a seasoned professional with 20+ years of experience, this book covers attack tools, methodologies, and procedures, helping you enhance your skills in securing and defending networks.The book starts with foundational concepts such as footprinting, reconnaissance, scanning, enumeration, vulnerability assessment, and threat modeling. Next, you’ll progress to using specific tools and procedures for hacking Windows, Unix, web servers, applications, and databases. The book also gets you up to speed with malware analysis. Throughout the book, you’ll experience a smooth transition from theoretical concepts to hands-on techniques using various platforms. Finally, you’ll explore incident response, threat hunting, social engineering, IoT hacking, and cloud exploitation, which will help you address the complex aspects of ethical hacking.By the end of this book, you’ll have gained the skills you need to navigate the ever-changing world of cybersecurity.
Nipun Jaswal
Network forensics is a subset of digital forensics that deals with network attacks and their investigation. In the era of network attacks and malware threat, it’s now more important than ever to have skills to investigate network attacks and vulnerabilities.Hands-On Network Forensics starts with the core concepts within network forensics, including coding, networking, forensics tools, and methodologies for forensic investigations. You’ll then explore the tools used for network forensics, followed by understanding how to apply those tools to a PCAP file and write the accompanying report. In addition to this, you will understand how statistical flow analysis, network enumeration, tunneling and encryption, and malware detection can be used to investigate your network. Towards the end of this book, you will discover how network correlation works and how to bring all the information from different types of network devices together.By the end of this book, you will have gained hands-on experience of performing forensics analysis tasks.
Hands-On Networking with Azure. Build large-scale, real-world apps using Azure networking solutions
Mohamed Waly
Microsoft Azure networking is one of the most valuable and important offerings in Azure. No matter what solution you are building for the cloud, you'll fi nd a compelling use for it. This book will get you up to speed quickly on Microsoft Azure Networking by teaching you how to use different networking services.By reading this book, you will develop a strong networking foundation for Azure virtual machines and for expanding your on-premise environment to Azure. Hands-On Networking with Azure starts with an introduction to Microsoft Azure networking and creating Azure Virtual Networks with subnets of different types within them. The book helps you understand the architecture of Azure networks. You will then learn the best practices for designing both Windows- and Linux-based Azure VM networks. You will also learn to expand your networks into Azure and how to use Azure DNS. Moreover, you will master best practices for dealing with Azure Load Balancer and the solutions they offer in different scenarios. Finally, we will demonstrate how the Azure Application Gateway works, offering various layer-7 load balancing capabilities for applications. By the end of this book, you will be able to architect your networking solutions for Azure.
Phil Bramwell
Windows has always been the go-to platform for users around the globe to perform administration and ad hoc tasks, in settings that range from small offices to global enterprises, and this massive footprint makes securing Windows a unique challenge. This book will enable you to distinguish yourself to your clients.In this book, you'll learn advanced techniques to attack Windows environments from the indispensable toolkit that is Kali Linux. We'll work through core network hacking concepts and advanced Windows exploitation techniques, such as stack and heap overflows, precision heap spraying, and kernel exploitation, using coding principles that allow you to leverage powerful Python scripts and shellcode.We'll wrap up with post-exploitation strategies that enable you to go deeper and keep your access. Finally, we'll introduce kernel hacking fundamentals and fuzzing testing, so you can discover vulnerabilities and write custom exploits. By the end of this book, you'll be well-versed in identifying vulnerabilities within the Windows OS and developing the desired solutions for them.
Furqan Khan
With the current technological and infrastructural shift, penetration testing is no longer a process-oriented activity. Modern-day penetration testing demands lots of automation and innovation; the only language that dominates all its peers is Python. Given the huge number of tools written in Python, and its popularity in the penetration testing space, this language has always been the first choice for penetration testers.Hands-On Penetration Testing with Python walks you through advanced Python programming constructs. Once you are familiar with the core concepts, you’ll explore the advanced uses of Python in the domain of penetration testing and optimization. You’ll then move on to understanding how Python, data science, and the cybersecurity ecosystem communicate with one another. In the concluding chapters, you’ll study exploit development, reverse engineering, and cybersecurity use cases that can be automated with Python.By the end of this book, you’ll have acquired adequate skills to leverage Python as a helpful tool to pentest and secure infrastructure, while also creating your own custom exploits.
Hands-On Red Team Tactics. A practical guide to mastering Red Team operations
Himanshu Sharma, Harpreet Singh
Red Teaming is used to enhance security by performing simulated attacks on an organization in order to detect network and system vulnerabilities. Hands-On Red Team Tactics starts with an overview of pentesting and Red Teaming, before giving you an introduction to few of the latest pentesting tools. We will then move on to exploring Metasploit and getting to grips with Armitage. Once you have studied the fundamentals, you will learn how to use Cobalt Strike and how to set up its team server.The book introduces some common lesser known techniques for pivoting and how to pivot over SSH, before using Cobalt Strike to pivot. This comprehensive guide demonstrates advanced methods of post-exploitation using Cobalt Strike and introduces you to Command and Control (C2) servers and redirectors. All this will help you achieve persistence using beacons and data exfiltration, and will also give you the chance to run through the methodology to use Red Team activity tools such as Empire during a Red Team activity on Active Directory and Domain Controller.In addition to this, you will explore maintaining persistent access, staying untraceable, and getting reverse connections over different C2 covert channels.By the end of this book, you will have learned about advanced penetration testing tools, techniques to get reverse shells over encrypted channels, and processes for post-exploitation.
Naren Yellavula
Building RESTful web services can be tough as there are countless standards and ways to develop API. In modern architectures such as microservices, RESTful APIs are common in communication, making idiomatic and scalable API development crucial. This book covers basic through to advanced API development concepts and supporting tools.You’ll start with an introduction to REST API development before moving on to building the essential blocks for working with Go. You’ll explore routers, middleware, and available open source web development solutions in Go to create robust APIs, and understand the application and database layers to build RESTful web services. You’ll learn various data formats like protocol buffers and JSON, and understand how to serve them over HTTP and gRPC. After covering advanced topics such as asynchronous API design and GraphQL for building scalable web services, you’ll discover how microservices can benefit from REST. You’ll also explore packaging artifacts in the form of containers and understand how to set up an ideal deployment ecosystem for web services. Finally, you’ll cover the provisioning of infrastructure using infrastructure as code (IaC) and secure your REST API.By the end of the book, you’ll have intermediate knowledge of web service development and be able to apply the skills you’ve learned in a practical way.
Hands-On Security in DevOps. Ensure continuous security, deployment, and delivery with DevSecOps
Tony Hsiang-Chih Hsu
DevOps has provided speed and quality benefits with continuous development and deployment methods, but it does not guarantee the security of an entire organization. Hands-On Security in DevOps shows you how to adopt DevOps techniques to continuously improve your organization’s security at every level, rather than just focusing on protecting your infrastructure.This guide combines DevOps and security to help you to protect cloud services, and teaches you how to use techniques to integrate security directly in your product. You will learn how to implement security at every layer, such as for the web application, cloud infrastructure, communication, and the delivery pipeline layers. With the help of practical examples, you’ll explore the core security aspects, such as blocking attacks, fraud detection, cloud forensics, and incident response. In the concluding chapters, you will cover topics on extending DevOps security, such as risk assessment, threat modeling, and continuous security.By the end of this book, you will be well-versed in implementing security in all layers of your organization and be confident in monitoring and blocking attacks throughout your cloud services.
Hardware i testy penetracyjne. Przewodnik po metodach ataku i obrony
Jean-Georges Valle
Hardware i testy penetracyjne. Przewodnik po metodach ataku i obrony Wraz z rozwojem internetu rzeczy, a także upowszechnianiem się elektronicznego sterowania i kontrolowania różnych procesów przestępcy doskonalą techniki łamania zabezpieczeń systemów wbudowanych. Konsekwencje skutecznego ataku na jakiś kluczowy element infrastruktury mogą się okazać dotkliwe i niezwykle kosztowne. Oznacza to, że testowanie pod kątem bezpieczeństwa powinno dotyczyć sprzętu i systemów wbudowanych. Również elektronicy powinni umieć chronić przed atakami swoje urządzenia. Szczególną rolę w tym procesie odgrywają testy penetracyjne, których celem jest wyszukiwanie luk w zabezpieczeniach. Oto praktyczny przewodnik po bezpieczeństwie sprzętu. Opisuje podstawy sprzętowej architektury systemów wbudowanych i protokoły komunikacyjne stosowane w urządzeniach elektronicznych. Pokazuje, w jaki sposób można przechwytywać przesyłane dane i jak wykorzystać tę wiedzę do przeprowadzania ataków. W książce zaprezentowano techniki identyfikacji i klasyfikacji zagrożeń systemu. Przeanalizowano także zależności łączące system wbudowany z jego otoczeniem, przy czym zwrócono uwagę na możliwe podatności na ataki i konsekwencje ewentualnego odczytania oprogramowania układowego. W końcowej części natomiast omówiono zasady inżynierii wstecznej oprogramowania, umożliwiającej ataki na urządzenia. Znajdziemy tu również wskazówki dotyczące ochrony urządzeń przed najbardziej typowymi atakami. Dzięki książce dowiesz się, jak: testować systemy wbudowane i rozpoznawać ich najważniejsze funkcjonalności identyfikować i atakować krytyczne zabezpieczenia odczytywać i modyfikować dane zapisane w systemach wbudowanych badać zależności pomiędzy oprogramowaniem układowym a sprzętem atakować zabezpieczenia stosowane w różnych blokach funkcjonalnych urządzeń rozwijać laboratorium umożliwiające zaawansowane analizy i przygotowanie ataków Internet rzeczy również można skutecznie zaatakować!
Hartowanie Linuksa we wrogich środowiskach sieciowych. Ochrona serwera od TLS po Tor
Kyle Rankin
Bezpieczeństwo serwerów - od TLS do TOR W dzisiejszym świecie, w którym wiele codziennych aktywności odbywa się przez internet, bardzo dużo zależy od bezpieczeństwa serwerów. Kiedy zwykli ludzie tworzą społeczności, komunikują się i robią zakupy online, hakerzy niestrudzenie przeglądają sieć, poszukując słabych punktów. Atakują różne obiekty: mogą to być agencje rządowe, elektrownie i banki, ale równie dobrze ich celem może się stać jakakolwiek sieć komputerów. Chodzi o uzyskanie wrażliwych informacji, zbiorów danych osobowych czy wreszcie przejęcie kontroli nad systemem. Co gorsza, agresorzy odnoszą sukcesy nawet w przypadku sieci, w których wdrożono złożone i kosztowne zabezpieczenia. Dzięki tej książce poznasz sprawdzone i niezbyt skomplikowane procedury, które pozwolą Ci na zahartowanie swoich danych. Zawarte tu treści przedstawiono w sposób bardzo praktyczny, z uwzględnieniem najnowszych osiągnięć w dziedzinie zabezpieczania systemów. Najpierw zapoznasz się z ogólnym ujęciem tematyki bezpieczeństwa systemów, w tym stacji roboczych, serwerów i sieci. Następnie dowiesz się, w jaki sposób zahartować specyficzne usługi, takie jak serwery WWW, pocztę elektroniczną, systemy DNS i bazy danych. Na końcu książki znalazł się rozdział poświęcony reagowaniu na incydenty - to również jest wiedza potrzebna każdemu administratorowi. Najciekawsze zagadnienia: Hartowanie stacji roboczych, w tym stacji roboczych administratorów Zabezpieczanie infrastruktury i ustawienie zapory sieciowej Zaawansowane hartowanie serwerów poczty elektronicznej Korzystanie z podstawowych i zaawansowanych właściwości usługi DNS Poruszanie się w sieci TOR Po pierwsze: zabezpiecz swoją sieć i zahartuj swój system! Kyle Rankin od wielu lat zajmuje się administrowaniem systemów informatycznych. Jest uznanym ekspertem w dziedzinie zabezpieczania infrastruktury, architektury, automatyzacji i rozwiązywania problemów z tym związanych. Rankin jest nagradzanym felietonistą magazynu "Linux Journal" i przewodniczącym rady doradczej Purism. Często wygłasza referaty na konferencjach poświęconych oprogramowaniu open source i bezpieczeństwu, takich jak O'Reilly Security Conference, CactusCon, SCALE, OSCON, LinuxWorld Expo, Penguicon.
Nikki Robinson, Calvin Nobles, Chris Cochran
Cybersecurity isn’t just a technical problem; it’s a human one. Human Factors in Cybersecurity equips you to tackle today’s digital threats by designing systems that respect how cybersecurity professionals actually think, behave, and make decisions.Despite billions spent on advanced technologies, human behavior remains cybersecurity’s greatest vulnerability. This book shows how to design defenses that work with people, not against them. Blending cybersecurity operations expertise with human factors science, it reveals that security failures are not inevitable. They’re design failures. Inside, you’ll learn how to shift from user-blaming policies to human-centered security engineering. Discover how to predict and influence user behavior, design controls that support cognitive realities, and embed human factors strategies at scale. Through actionable frameworks, real-world examples, and clear guidance, you will learn to reduce errors, build trust, and design systems resilient to human limitations.Authored by experts in cybersecurity, machine learning, and human factors engineering, this book delivers the interdisciplinary insight needed to lead the shift toward systems that are not only secure but genuinely usable. It transforms human factors from cybersecurity’s biggest blind spot into its most powerful driver of resilience.
Sreekanth Iyer
Security is a primary concern for enterprises going through digital transformation and accelerating their journey to multi-cloud environments. This book recommends a simple pattern-based approach to architecting, designing and implementing security for workloads deployed on AWS, Microsoft Azure, Google Cloud, and IBM Cloud.The book discusses enterprise modernization trends and related security opportunities and challenges. You’ll understand how to implement identity and access management for your cloud resources and applications. Later chapters discuss patterns to protect cloud infrastructure (compute, storage and network) and provide protection for data at rest, in transit and in use. You’ll also learn how to shift left and include security in the early stages of application development to adopt DevSecOps. The book also deep dives into threat monitoring, configuration and vulnerability management, and automated incident response. Finally, you’ll discover patterns to implement security posture management backed with intelligence and automated protection to stay ahead of threats.By the end of this book, you’ll have learned all the hybrid cloud security patterns and be able to use them to create zero trust architecture that provides continuous security and compliance for your cloud workloads.
Eric Siron, Andy Syrewicze
Hyper-V Security is intended for administrators with a solid working knowledge of Hyper-V Server, Windows Server, and Active Directory. An administrator with a functional environment will be able to use the knowledge and examples present in this book to enhance security.