Hacking

DevSecOps for Azure. End-to-end supply chain security for GitHub, Azure DevOps, and the Azure cloud

David Okeyode, Joylynn Kirui, Scott Hanselman

Businesses must prioritize security, especially when working in the constantly evolving Azure cloud. However, many organizations struggle to maintain security and compliance. Attackers are increasingly targeting software development processes, making software supply chain security crucial. This includes source control systems, build systems, CI/CD platforms, and various artifacts. With the help of this book, you’ll be able to enhance security and compliance in Azure software development processes.Starting with an overview of DevOps and its relationship with Agile methodologies and cloud computing, you'll gain a solid foundation in DevSecOps principles. The book then delves into the security challenges specific to DevOps workflows and how to address them effectively. You'll learn how to implement security measures in the planning phase, including threat modeling and secure coding practices. You'll also explore pre-commit security controls, source control security, and the integration of various security tools in the build and test phases. The book covers crucial aspects of securing the release and deploy phases, focusing on artifact integrity, infrastructure as code security, and runtime protection.By the end of this book, you’ll have the knowledge and skills to implement a secure code-to-cloud process for the Azure cloud.

DevSecOps in Practice with VMware Tanzu. Build, run, and manage secure multi-cloud apps at scale on Kubernetes with the Tanzu portfolio

Parth Pandit, Robert Hardt

As Kubernetes (or K8s) becomes more prolific, managing large clusters at scale in a multi-cloud environment becomes more challenging – especially from a developer productivity and operational efficiency point of view. DevSecOps in Practice with VMware Tanzu addresses these challenges by automating the delivery of containerized workloads and controlling multi-cloud Kubernetes operations using Tanzu tools.This comprehensive guide begins with an overview of the VMWare Tanzu platform and discusses its tools for building useful and secure applications using the App Accelerator, Build Service, Catalog service, and API portal. Next, you’ll delve into running those applications efficiently at scale with Tanzu Kubernetes Grid and Tanzu Application Platform. As you advance, you’ll find out how to manage these applications, and control, observe, and connect them using Tanzu Mission Control, Tanzu Observability, and Tanzu Service Mesh. Finally, you’ll explore the architecture, capabilities, features, installation, configuration, implementation, and benefits of these services with the help of examples.By the end of this VMware book, you’ll have gained a thorough understanding of the VMWare Tanzu platform and be able to efficiently articulate and solve real-world business problems.

Digital Ethics in the Age of AI. Navigating the ethical frontier today and beyond

IT Governance Publishing, Dr. Julie E. Mehan

Digital Ethics in the Age of AI explores the profound ethical challenges posed by the rise of artificial intelligence and its integration into our daily lives. The book covers AI’s disruptive effects across various sectors, including misinformation, privacy, and job displacement, offering clear explanations and real-world examples. The author delves into the role of AI in spreading misinformation and disinformation, including the creation of deepfakes, and highlights the increasing risk of online disinhibition driven by AI-powered interactions. The book also addresses the cognitive biases embedded within AI systems and the growing concerns over privacy, data security, and surveillance in an age of ubiquitous AI technologies. Finally, the book explores the potential for AI-driven job displacement, particularly in the cognitive class, and the societal implications of such disruptions. It also covers intellectual property challenges in the age of AI and the complexities surrounding generative AI’s impact on privacy and digital ownership. Offering solutions for mitigating these risks, Digital Ethics in the Age of AI provides a roadmap for navigating the ethical and regulatory landscape of AI today and in the future.

Digital Ethics in the Age of AI. Navigating the ethical frontier today and beyond

IT Governance Publishing, Dr. Julie E. Mehan

Digital Ethics in the Age of AI explores the profound ethical challenges posed by the rise of artificial intelligence and its integration into our daily lives. The book covers AI’s disruptive effects across various sectors, including misinformation, privacy, and job displacement, offering clear explanations and real-world examples. The author delves into the role of AI in spreading misinformation and disinformation, including the creation of deepfakes, and highlights the increasing risk of online disinhibition driven by AI-powered interactions. The book also addresses the cognitive biases embedded within AI systems and the growing concerns over privacy, data security, and surveillance in an age of ubiquitous AI technologies. Finally, the book explores the potential for AI-driven job displacement, particularly in the cognitive class, and the societal implications of such disruptions. It also covers intellectual property challenges in the age of AI and the complexities surrounding generative AI’s impact on privacy and digital ownership. Offering solutions for mitigating these risks, Digital Ethics in the Age of AI provides a roadmap for navigating the ethical and regulatory landscape of AI today and in the future.

Digital Forensics and Incident Response. Incident response tools and techniques for effective cyber threat response - Third Edition

Gerard Johansen

An understanding of how digital forensics integrates with the overall response to cybersecurity incidents is key to securing your organization’s infrastructure from attacks. This updated third edition will help you perform cutting-edge digital forensic activities and incident response with a new focus on responding to ransomware attacks.After covering the fundamentals of incident response that are critical to any information security team, you’ll explore incident response frameworks. From understanding their importance to creating a swift and effective response to security incidents, the book will guide you using examples. Later, you’ll cover digital forensic techniques, from acquiring evidence and examining volatile memory through to hard drive examination and network-based evidence. You’ll be able to apply these techniques to the current threat of ransomware. As you progress, you’ll discover the role that threat intelligence plays in the incident response process. You’ll also learn how to prepare an incident response report that documents the findings of your analysis. Finally, in addition to various incident response activities, the book will address malware analysis and demonstrate how you can proactively use your digital forensic skills in threat hunting.By the end of this book, you’ll be able to investigate and report unwanted security breaches and incidents in your organization.

Digital Forensics and Incident Response. Incident response tools and techniques for effective cyber threat response - Third Edition

Gerard Johansen

An understanding of how digital forensics integrates with the overall response to cybersecurity incidents is key to securing your organization’s infrastructure from attacks. This updated third edition will help you perform cutting-edge digital forensic activities and incident response with a new focus on responding to ransomware attacks.After covering the fundamentals of incident response that are critical to any information security team, you’ll explore incident response frameworks. From understanding their importance to creating a swift and effective response to security incidents, the book will guide you using examples. Later, you’ll cover digital forensic techniques, from acquiring evidence and examining volatile memory through to hard drive examination and network-based evidence. You’ll be able to apply these techniques to the current threat of ransomware. As you progress, you’ll discover the role that threat intelligence plays in the incident response process. You’ll also learn how to prepare an incident response report that documents the findings of your analysis. Finally, in addition to various incident response activities, the book will address malware analysis and demonstrate how you can proactively use your digital forensic skills in threat hunting.By the end of this book, you’ll be able to investigate and report unwanted security breaches and incidents in your organization.

Digital Forensics with Kali Linux. Enhance your investigation skills by performing network and memory forensics with Kali Linux 2022.x - Third Edition

Shiva V. N. Parasram

Kali Linux is a Linux-based distribution that's widely used for penetration testing and digital forensics. This third edition is updated with real-world examples and detailed labs to help you take your investigation skills to the next level using powerful tools.This new edition will help you explore modern techniques for analysis, extraction, and reporting using advanced tools such as FTK Imager, Hex Editor, and Axiom. You’ll cover the basics and advanced areas of digital forensics within the world of modern forensics while delving into the domain of operating systems. As you advance through the chapters, you'll explore various formats for file storage, including secret hiding places unseen by the end user or even the operating system. You’ll also discover how to install Windows Emulator, Autopsy 4 in Kali, and how to use Nmap and NetDiscover to find device types and hosts on a network, along with creating forensic images of data and maintaining integrity using hashing tools. Finally, you'll cover advanced topics such as autopsies and acquiring investigation data from networks, memory, and operating systems.By the end of this digital forensics book, you'll have gained hands-on experience in implementing all the pillars of digital forensics: acquisition, extraction, analysis, and presentation – all using Kali Linux's cutting-edge tools.

Disaster Recovery and Business Continuity. A quick guide for organisations and business managers

IT Governance Publishing, Thejendra B.S

This book delves into disaster recovery (DR) and business continuity (BC), offering practical strategies for organizations to prepare for and manage disruptions. It starts by defining core concepts of DR and BC, highlighting their role in crisis management. Early chapters explore business impact analysis, data protection, and risk assessment, while examining common IT and non-IT disasters like data loss, cyberattacks, and communication failures.Later sections focus on specific disaster scenarios, such as virus attacks, software failures, and data center risks, offering prevention methods and recovery plans. It also addresses human factors in DR, covering IT staff and contractor management, and the risks tied to outsourcing and project failures.In addition to IT risks, the book explores non-IT disasters, including health crises, financial challenges, and natural events, with strategies for mitigation. The final chapters provide guidance on creating and testing contingency plans, featuring checklists and mock run procedures. This book empowers readers to design, implement, and maintain effective DR and BC plans for their organization’s needs.

Disaster Recovery and Business Continuity. A quick guide for organisations and business managers

IT Governance Publishing, Thejendra B.S

This book delves into disaster recovery (DR) and business continuity (BC), offering practical strategies for organizations to prepare for and manage disruptions. It starts by defining core concepts of DR and BC, highlighting their role in crisis management. Early chapters explore business impact analysis, data protection, and risk assessment, while examining common IT and non-IT disasters like data loss, cyberattacks, and communication failures.Later sections focus on specific disaster scenarios, such as virus attacks, software failures, and data center risks, offering prevention methods and recovery plans. It also addresses human factors in DR, covering IT staff and contractor management, and the risks tied to outsourcing and project failures.In addition to IT risks, the book explores non-IT disasters, including health crises, financial challenges, and natural events, with strategies for mitigation. The final chapters provide guidance on creating and testing contingency plans, featuring checklists and mock run procedures. This book empowers readers to design, implement, and maintain effective DR and BC plans for their organization’s needs.

Discrete Mathematics With Cryptographic Applications. A Self-Teaching Guide to Unlocking the Power of Advanced Concepts and Computational Techniques

Mercury Learning and Information, Alexander I. Kheyfits

This book offers a comprehensive guide to discrete mathematics and its applications to cryptography. It is designed for students and professionals in fields such as discrete mathematics and finite mathematics, with all necessary prerequisites clearly explained and illustrated. The text introduces key concepts in number theory, coding theory, and information theory, which are essential for understanding cryptography.Understanding discrete mathematics is crucial for anyone working in cryptography and related fields. The book begins with a survey of elementary functions and moves on to propositional algebra, set theory, and algebraic structures like groups, rings, and fields. It covers binary relations, combinatorics, and elements of number theory, which are fundamental to cryptographic methods.Readers will explore topics such as Boolean functions, hashing functions, cryptographic maps, combinatorial circuits, and graph theory. The book also delves into advanced areas like finite automata, game theory, and Turing machines. Through numerous examples, problems, and solutions, readers will gain a solid foundation in discrete mathematics and its cryptographic applications.

Diving into Secure Access Service Edge. A technical leadership guide to achieving success with SASE at market speed

Jeremiah Ginn

The SASE concept was coined by Gartner after seeing a pattern emerge in cloud and SD-WAN projects where full security integration was needed. The market behavior lately has sparked something like a space race for all technology manufacturers and cloud service providers to offer a SASE solution. The current training available in the market is minimal and manufacturer-oriented, with new services being released every few weeks. Professional architects and engineers trying to implement SASE need to take a manufacturer-neutral approach.This guide provides a foundation for understanding SASE, but it also has a lasting impact because it not only addresses the problems that existed at the time of publication, but also provides a continual learning approach to successfully lead in a market that evolves every few weeks. Technology teams need a tool that provides a model to keep up with new information as it becomes available and stay ahead of market hype.With this book, you’ll learn about crucial models for SASE success in designing, building, deploying, and supporting operations to ensure the most positive user experience (UX). In addition to SASE, you’ll gain insight into SD-WAN design, DevOps, zero trust, and next-generation technical education methods.

Diving into Secure Access Service Edge. A technical leadership guide to achieving success with SASE at market speed

Jeremiah Ginn

The SASE concept was coined by Gartner after seeing a pattern emerge in cloud and SD-WAN projects where full security integration was needed. The market behavior lately has sparked something like a space race for all technology manufacturers and cloud service providers to offer a SASE solution. The current training available in the market is minimal and manufacturer-oriented, with new services being released every few weeks. Professional architects and engineers trying to implement SASE need to take a manufacturer-neutral approach.This guide provides a foundation for understanding SASE, but it also has a lasting impact because it not only addresses the problems that existed at the time of publication, but also provides a continual learning approach to successfully lead in a market that evolves every few weeks. Technology teams need a tool that provides a model to keep up with new information as it becomes available and stay ahead of market hype.With this book, you’ll learn about crucial models for SASE success in designing, building, deploying, and supporting operations to ensure the most positive user experience (UX). In addition to SASE, you’ll gain insight into SD-WAN design, DevOps, zero trust, and next-generation technical education methods.