Bezpieczeństwo sieci

Cybersecurity w pytaniach i odpowiedziach

Wojciech Ciemski

Co o cyberbezpieczeństwie każdy wiedzieć powinien W świecie, w którym większość naszych mniej lub bardziej wrażliwych danych przechowywana jest w sieci, cyberbezpieczeństwo powinno być tematem numer jeden. Niestety, na ogół nie jest, bo… Po prostu nie chce się nam myśleć o zastosowaniu odpowiednich zabezpieczeń. Stają się one dla nas kluczowe dopiero, kiedy ktoś się cyberwłamie i realnie skradnie coś, co było dla nas istotne: hasło do poczty e-mail, pieniądze z konta w banku, zdjęcia, które wolelibyśmy zachować dla siebie, itd. Tyle że wtedy jest już za późno.  Ta książka powstała po to, by jej czytelnik zdążył wyprzedzić zagrożenie. Stanowi wprowadzenie do zagadnienia cyberbezpieczeństwa. Podzielona na kilka kluczowych części (systemy operacyjne, sieci komputerowe, aplikacje webowe, kryptografia, wreszcie cyberbezpieczeństwo jako takie), pozwala zapoznać się z najważniejszymi zagrożeniami i ze sposobami zabezpieczeń. Przybliża terminologię związaną z tematem i stanowi świetny punkt wyjścia do dalszego zgłębiania jego wybranych aspektów.  Cyberniebezpieczeństwo czyha. Czy jesteś na nie przygotowany?

Deep Reinforcement Learning Hands-On. Apply modern RL methods to practical problems of chatbots, robotics, discrete optimization, web automation, and more - Second Edition

Maxim Lapan

Deep Reinforcement Learning Hands-On, Second Edition is an updated and expanded version of the bestselling guide to the very latest reinforcement learning (RL) tools and techniques. It provides you with an introduction to the fundamentals of RL, along with the hands-on ability to code intelligent learning agents to perform a range of practical tasks.With six new chapters devoted to a variety of up-to-the-minute developments in RL, including discrete optimization (solving the Rubik's Cube), multi-agent methods, Microsoft's TextWorld environment, advanced exploration techniques, and more, you will come away from this book with a deep understanding of the latest innovations in this emerging field.In addition, you will gain actionable insights into such topic areas as deep Q-networks, policy gradient methods, continuous control problems, and highly scalable, non-gradient methods. You will also discover how to build a real hardware robot trained with RL for less than $100 and solve the Pong environment in just 30 minutes of training using step-by-step code optimization.In short, Deep Reinforcement Learning Hands-On, Second Edition, is your companion to navigating the exciting complexities of RL as it helps you attain experience and knowledge through real-world examples.

DevSecOps in Practice with VMware Tanzu. Build, run, and manage secure multi-cloud apps at scale on Kubernetes with the Tanzu portfolio

Parth Pandit, Robert Hardt

As Kubernetes (or K8s) becomes more prolific, managing large clusters at scale in a multi-cloud environment becomes more challenging – especially from a developer productivity and operational efficiency point of view. DevSecOps in Practice with VMware Tanzu addresses these challenges by automating the delivery of containerized workloads and controlling multi-cloud Kubernetes operations using Tanzu tools.This comprehensive guide begins with an overview of the VMWare Tanzu platform and discusses its tools for building useful and secure applications using the App Accelerator, Build Service, Catalog service, and API portal. Next, you’ll delve into running those applications efficiently at scale with Tanzu Kubernetes Grid and Tanzu Application Platform. As you advance, you’ll find out how to manage these applications, and control, observe, and connect them using Tanzu Mission Control, Tanzu Observability, and Tanzu Service Mesh. Finally, you’ll explore the architecture, capabilities, features, installation, configuration, implementation, and benefits of these services with the help of examples.By the end of this VMware book, you’ll have gained a thorough understanding of the VMWare Tanzu platform and be able to efficiently articulate and solve real-world business problems.

Digital Forensics and Incident Response. Incident response tools and techniques for effective cyber threat response - Third Edition

Gerard Johansen

An understanding of how digital forensics integrates with the overall response to cybersecurity incidents is key to securing your organization’s infrastructure from attacks. This updated third edition will help you perform cutting-edge digital forensic activities and incident response with a new focus on responding to ransomware attacks.After covering the fundamentals of incident response that are critical to any information security team, you’ll explore incident response frameworks. From understanding their importance to creating a swift and effective response to security incidents, the book will guide you using examples. Later, you’ll cover digital forensic techniques, from acquiring evidence and examining volatile memory through to hard drive examination and network-based evidence. You’ll be able to apply these techniques to the current threat of ransomware. As you progress, you’ll discover the role that threat intelligence plays in the incident response process. You’ll also learn how to prepare an incident response report that documents the findings of your analysis. Finally, in addition to various incident response activities, the book will address malware analysis and demonstrate how you can proactively use your digital forensic skills in threat hunting.By the end of this book, you’ll be able to investigate and report unwanted security breaches and incidents in your organization.

Digital Forensics with Kali Linux. Enhance your investigation skills by performing network and memory forensics with Kali Linux 2022.x - Third Edition

Shiva V. N. Parasram

Kali Linux is a Linux-based distribution that's widely used for penetration testing and digital forensics. This third edition is updated with real-world examples and detailed labs to help you take your investigation skills to the next level using powerful tools.This new edition will help you explore modern techniques for analysis, extraction, and reporting using advanced tools such as FTK Imager, Hex Editor, and Axiom. You’ll cover the basics and advanced areas of digital forensics within the world of modern forensics while delving into the domain of operating systems. As you advance through the chapters, you'll explore various formats for file storage, including secret hiding places unseen by the end user or even the operating system. You’ll also discover how to install Windows Emulator, Autopsy 4 in Kali, and how to use Nmap and NetDiscover to find device types and hosts on a network, along with creating forensic images of data and maintaining integrity using hashing tools. Finally, you'll cover advanced topics such as autopsies and acquiring investigation data from networks, memory, and operating systems.By the end of this digital forensics book, you'll have gained hands-on experience in implementing all the pillars of digital forensics: acquisition, extraction, analysis, and presentation – all using Kali Linux's cutting-edge tools.

Diving into Secure Access Service Edge. A technical leadership guide to achieving success with SASE at market speed

Jeremiah Ginn

The SASE concept was coined by Gartner after seeing a pattern emerge in cloud and SD-WAN projects where full security integration was needed. The market behavior lately has sparked something like a space race for all technology manufacturers and cloud service providers to offer a SASE solution. The current training available in the market is minimal and manufacturer-oriented, with new services being released every few weeks. Professional architects and engineers trying to implement SASE need to take a manufacturer-neutral approach.This guide provides a foundation for understanding SASE, but it also has a lasting impact because it not only addresses the problems that existed at the time of publication, but also provides a continual learning approach to successfully lead in a market that evolves every few weeks. Technology teams need a tool that provides a model to keep up with new information as it becomes available and stay ahead of market hype.With this book, you’ll learn about crucial models for SASE success in designing, building, deploying, and supporting operations to ensure the most positive user experience (UX). In addition to SASE, you’ll gain insight into SD-WAN design, DevOps, zero trust, and next-generation technical education methods.

Docker Networking Cookbook. 60 practical recipes that help you gain expertise with Docker networking and understand the underlying constructs that make it all work

Jon Langemak, Aditya Amar

Networking functionality in Docker has changed considerably since its first release, evolving to offer a rich set of built-in networking features, as well as an extensible plugin model allowing for a wide variety of networking functionality. This book explores Docker networking capabilities from end to end. Begin by examining the building blocks used by Docker to implement fundamental containing networking before learning how to consume built-in networking constructs as well as custom networks you create on your own. Next, explore common third-party networking plugins, including detailed information on how these plugins inter-operate with the Docker engine. Consider available options for securing container networks, as well as a process for troubleshooting container connectivity.Finally, examine advanced Docker networking functions and their relevant use cases, tying together everything you need to succeed with your own projects.

Efektywne zarządzanie podatnościami na zagrożenia. Jak minimalizować ryzyko w cyfrowym ekosystemie

Chris Hughes, Nikki Robinson

Musisz sobie uświadomić, że korzystanie z systemów opartych na chmurze wiąże się z cyberzagrożeniami - podobnie jak w przypadku tradycyjnej infrastruktury. Musisz się dobrze orientować w złożoności swojego systemu i w powiązaniach poszczególnych elementów. Dopiero na tej podstawie możesz planować i ustalać priorytety we własnym programie zarządzania ryzykiem, uwzględniając przy tym wiele innych zagadnień. W tej praktycznej książce znajdziesz opis kompleksowych praktyk, dzięki którym współczesne organizacje utrzymujące złożone ekosystemy oprogramowania mogą skutecznie identyfikować podatności, zarządzać nimi i ograniczać ryzyko wystąpienia poważnych naruszeń bezpieczeństwa. Dowiesz się, dlaczego nie wystarczy po prostu "użyć łatki", aby naprawić znane luki w oprogramowaniu. Poznasz zasady profesjonalnego zarządzania podatnościami uwzględniające monitorowanie systemów i baz danych podatności. Przekonasz się, jak ważne są czynnik ludzki i identyfikacja czynników psychologicznych, które podczas interakcji użytkownika z oprogramowaniem przyczyniają się do powstawania podatności. W miarę lektury książki przyswoisz wydajne i skuteczne strategie, dzięki którym zapewnisz swojej organizacji wysoki poziom cyberbezpieczeństwa. Najciekawsze zagadnienia: zarządzanie złożonymi środowiskami poprawki do oprogramowania i bezpieczna konfiguracja ocena podatności i łączenie ich w łańcuch czynnik ludzki w zarządzaniu podatnościami oprogramowanie bezpieczne już na etapie projektu budowa dojrzałego modelu zarządzania podatnościami Sprawdź, jak w erze chmury zarządzać ryzykiem informatycznym!