Hacking
Rejah Rehim
Penetration testing is a practice of testing a computer system, network, or web application to find weaknesses in security that an attacker can exploit. Effective Python Penetration Testing will help you utilize your Python scripting skills to safeguard your networks from cyberattacks. We will begin by providing you with an overview of Python scripting and penetration testing. You will learn to analyze network traffic by writing Scapy scripts and will see how to fingerprint web applications with Python libraries such as ProxMon and Spynner. Moving on, you will find out how to write basic attack scripts, and will develop debugging and reverse engineering skills with Python libraries. Toward the end of the book, you will discover how to utilize cryptography toolkits in Python and how to automate Python tools and libraries.
Mostafa Yahia
Effective threat investigation requires strong technical expertise, analytical skills, and a deep understanding of cyber threats and attacker techniques. It's a crucial skill for SOC analysts, enabling them to analyze different threats and identify security incident origins. This book provides insights into the most common cyber threats and various attacker techniques to help you hone your incident investigation skills.The book begins by explaining phishing and email attack types and how to detect and investigate them, along with Microsoft log types such as Security, System, PowerShell, and their events. Next, you’ll learn how to detect and investigate attackers' techniques and malicious activities within Windows environments. As you make progress, you’ll find out how to analyze the firewalls, flows, and proxy logs, as well as detect and investigate cyber threats using various security solution alerts, including EDR, IPS, and IDS. You’ll also explore popular threat intelligence platforms such as VirusTotal, AbuseIPDB, and X-Force for investigating cyber threats and successfully build your own sandbox environment for effective malware analysis.By the end of this book, you’ll have learned how to analyze popular systems and security appliance logs that exist in any environment and explore various attackers' techniques to detect and investigate them with ease.
Electron Projects. Build over 9 cross-platform desktop applications from scratch
Denys Vuika
The Electron framework allows you to use modern web technologies to build applications that share the same code across all operating systems and platforms. This also helps designers to easily transition from the web to the desktop. Electron Projects guides you through building cross-platform Electron apps with modern web technologies and JavaScript frameworks such as Angular, React.js, and Vue.js.You’ll explore the process of configuring modern JavaScript frameworks and UI libraries, real-time analytics and automatic updates, and interactions with the operating system. You’ll get hands-on with building a basic Electron app, before moving on to implement a Markdown Editor. In addition to this, you’ll be able to experiment with major JavaScript frameworks such as Angular and Vue.js, discovering ways to integrate them with Electron apps for building cross-platform desktop apps. Later, you’ll learn to build a screenshot snipping tool, a mini-game, and a music player, while also gaining insights into analytics, bug tracking, and licensing. You’ll then get to grips with building a chat app, an eBook generator and finally a simple digital wallet app.By the end of this book, you’ll have experience in building a variety of projects and project templates that will help you to apply your knowledge when creating your own cross-platform applications.
Empirical Cloud Security. A Guide To Practical Intelligence to Evaluate Risks and Attacks
Mercury Learning and Information, Aditya K. Sood
This book, updated to include the latest research and developments in cloud security, is essential for security professionals, DevOps engineers, penetration testers, cloud security engineers, and cloud software developers. It offers practical approaches to securing cloud infrastructure and applications against threats, attacks, and data breaches. The content is refined for better accessibility and engagement, providing a comprehensive guide to cloud security.The course starts with fundamental cloud security concepts and progresses to hands-on assessment techniques based on real-world case studies. It covers cloud architecture, IAM for authentication and authorization, network security, database and storage security, cryptography controls, secure code review, and monitoring and logging. The practical strategies for assessing security and privacy are crucial for building a robust cloud infrastructure.The journey concludes with advanced topics such as privacy in the cloud, identifying security flaws and attacks, and understanding the impact of malicious code. New case studies reveal how threat actors exploit cloud environments, offering preventative measures to enhance cloud security. This structured approach ensures a thorough understanding and practical application of cloud security principles.
Guven Boyraz
In this data-driven age, safeguarding sensitive data and privacy has become paramount, demanding a deep understanding of the intricacies of cyberspace and its associated threats. With a focus on endpoint defense, Endpoint Detection and Response Essentials guides you in implementing EDR solutions to stay ahead of attackers and ensure the overall security posture of your IT infrastructure.Starting with an insightful introduction to EDR and its significance in the modern cyber threat landscape, this book offers a quick overview of popular EDR tools followed by their practical implementation. From real-world case studies, best practices, and deployment strategies to maximizing the effectiveness of EDR, including endpoint hardening techniques and advanced DNS visibility methods, this comprehensive resource equips you with the knowledge and hands-on skills to strengthen your organization’s defense against cyber attacks. Recognizing the role of the DNS protocol, you’ll fortify your organization's endpoint defense proactively.By the end of this book, you'll have honed the skills needed to construct a resilient cybersecurity defense for yourself and your organization.
Yuri Diogenes
Cloud security is a pivotal aspect of modern IT infrastructure, essential for safeguarding critical data and services. This comprehensive book explores Cloud Native Application Protection Platform (CNAPP), guiding you through adopting, deploying, and managing these solutions effectively. Written by Yuri Diogenes, Principal PM at Microsoft, who has been with Defender for Cloud (formerly Azure Security Center) since its inception, this book distills complex concepts into actionable knowledge making it an indispensable resource for Cloud Security professionals.The book begins with a solid foundation detailing the why and how of CNAPP, preparing you for deeper engagement with the subject. As you progress, it delves into practical applications, including using Microsoft Defender for Cloud to enhance your organization's security posture, handle multicloud environments, and integrate governance and continuous improvement practices into your operations.Further, you'll learn how to operationalize your CNAPP framework, emphasizing risk management & attack disruption, leveraging AI to enhance security measures, and integrating Defender for Cloud with Microsoft Security Exposure Management. By the end, you'll be ready to implement and optimize a CNAPP solution in your workplace, ensuring a robust defense against evolving threats.
Enterprise Agility. Being Agile in a Changing World
Sunil Mundra
The biggest challenge enterprises face today is dealing with fast-paced change in all spheres of business. Enterprise Agility shows how an enterprise can address this challenge head on and thrive in the dynamic environment. Avoiding the mechanistic construction of existing enterprises that focus on predictability and certainty, Enterprise Agility delivers practical advice for responding and adapting to the scale and accelerating pace of disruptive change in the business environment.Agility is a fundamental shift in thinking about how enterprises work to effectively deal with disruptive changes in the business environment. The core belief underlying agility is that enterprises are open and living systems. These living systems, also known as complex adaptive systems (CAS), are ideally suited to deal with change very effectively.Agility is to enterprises what health is to humans. There are some foundational principles that can be broadly applied, but the definition of healthy is very specific to each individual. Enterprise Agility takes a similar approach with regard to agility: it suggests foundational practices to improve the overall health of the body—culture, mindset, and leadership—and the health of its various organs: people, process, governance, structure, technology, and customers. The book also suggests a practical framework to create a plan to enhance agility.
Ganesan Senthilvel, Ovais Mehboob Ahmed Khan, Habib...
If you want to design and develop enterprise applications using .NET Core as the development framework and learn about industry-wide best practices and guidelines, then this book is for you. The book starts with a brief introduction to enterprise architecture, which will help you to understand what enterprise architecture is and what the key components are. It will then teach you about the types of patterns and the principles of software development, and explain the various aspects of distributed computing to keep your applications effective and scalable. These chapters act as a catalyst to start the practical implementation, and design and develop applications using different architectural approaches, such as layered architecture, service oriented architecture, microservices and cloud-specific solutions. Gradually, you will learn about the different approaches and models of the Security framework and explore various authentication models and authorization techniques, such as social media-based authentication and safe storage using app secrets. By the end of the book, you will get to know the concepts and usage of the emerging fields, such as DevOps, BigData, architectural practices, and Artificial Intelligence.