Hacking

Empirical Cloud Security. A Guide To Practical Intelligence to Evaluate Risks and Attacks

Mercury Learning and Information, Aditya K. Sood

This book, updated to include the latest research and developments in cloud security, is essential for security professionals, DevOps engineers, penetration testers, cloud security engineers, and cloud software developers. It offers practical approaches to securing cloud infrastructure and applications against threats, attacks, and data breaches. The content is refined for better accessibility and engagement, providing a comprehensive guide to cloud security.The course starts with fundamental cloud security concepts and progresses to hands-on assessment techniques based on real-world case studies. It covers cloud architecture, IAM for authentication and authorization, network security, database and storage security, cryptography controls, secure code review, and monitoring and logging. The practical strategies for assessing security and privacy are crucial for building a robust cloud infrastructure.The journey concludes with advanced topics such as privacy in the cloud, identifying security flaws and attacks, and understanding the impact of malicious code. New case studies reveal how threat actors exploit cloud environments, offering preventative measures to enhance cloud security. This structured approach ensures a thorough understanding and practical application of cloud security principles.

Endpoint Detection and Response Essentials. Explore the landscape of hacking, defense, and deployment in EDR

Guven Boyraz

In this data-driven age, safeguarding sensitive data and privacy has become paramount, demanding a deep understanding of the intricacies of cyberspace and its associated threats. With a focus on endpoint defense, Endpoint Detection and Response Essentials guides you in implementing EDR solutions to stay ahead of attackers and ensure the overall security posture of your IT infrastructure.Starting with an insightful introduction to EDR and its significance in the modern cyber threat landscape, this book offers a quick overview of popular EDR tools followed by their practical implementation. From real-world case studies, best practices, and deployment strategies to maximizing the effectiveness of EDR, including endpoint hardening techniques and advanced DNS visibility methods, this comprehensive resource equips you with the knowledge and hands-on skills to strengthen your organization’s defense against cyber attacks. Recognizing the role of the DNS protocol, you’ll fortify your organization's endpoint defense proactively.By the end of this book, you'll have honed the skills needed to construct a resilient cybersecurity defense for yourself and your organization.

Enhancing Your Cloud Security with a CNAPP Solution. Unlock the full potential of Microsoft Defender for Cloud to fortify your cloud security

Yuri Diogenes

Cloud security is a pivotal aspect of modern IT infrastructure, essential for safeguarding critical data and services. This comprehensive book explores Cloud Native Application Protection Platform (CNAPP), guiding you through adopting, deploying, and managing these solutions effectively. Written by Yuri Diogenes, Principal PM at Microsoft, who has been with Defender for Cloud (formerly Azure Security Center) since its inception, this book distills complex concepts into actionable knowledge making it an indispensable resource for Cloud Security professionals.The book begins with a solid foundation detailing the why and how of CNAPP, preparing you for deeper engagement with the subject. As you progress, it delves into practical applications, including using Microsoft Defender for Cloud to enhance your organization's security posture, handle multicloud environments, and integrate governance and continuous improvement practices into your operations.Further, you'll learn how to operationalize your CNAPP framework, emphasizing risk management & attack disruption, leveraging AI to enhance security measures, and integrating Defender for Cloud with Microsoft Security Exposure Management. By the end, you'll be ready to implement and optimize a CNAPP solution in your workplace, ensuring a robust defense against evolving threats.

Enterprise Agility. Being Agile in a Changing World

Sunil Mundra

The biggest challenge enterprises face today is dealing with fast-paced change in all spheres of business. Enterprise Agility shows how an enterprise can address this challenge head on and thrive in the dynamic environment. Avoiding the mechanistic construction of existing enterprises that focus on predictability and certainty, Enterprise Agility delivers practical advice for responding and adapting to the scale and accelerating pace of disruptive change in the business environment.Agility is a fundamental shift in thinking about how enterprises work to effectively deal with disruptive changes in the business environment. The core belief underlying agility is that enterprises are open and living systems. These living systems, also known as complex adaptive systems (CAS), are ideally suited to deal with change very effectively.Agility is to enterprises what health is to humans. There are some foundational principles that can be broadly applied, but the definition of healthy is very specific to each individual. Enterprise Agility takes a similar approach with regard to agility: it suggests foundational practices to improve the overall health of the body—culture, mindset, and leadership—and the health of its various organs: people, process, governance, structure, technology, and customers. The book also suggests a practical framework to create a plan to enhance agility.

Enterprise Application Architecture with .NET Core. An architectural journey into the Microsoft .NET open source platform

Ganesan Senthilvel, Ovais Mehboob Ahmed Khan, Habib...

If you want to design and develop enterprise applications using .NET Core as the development framework and learn about industry-wide best practices and guidelines, then this book is for you. The book starts with a brief introduction to enterprise architecture, which will help you to understand what enterprise architecture is and what the key components are. It will then teach you about the types of patterns and the principles of software development, and explain the various aspects of distributed computing to keep your applications effective and scalable. These chapters act as a catalyst to start the practical implementation, and design and develop applications using different architectural approaches, such as layered architecture, service oriented architecture, microservices and cloud-specific solutions. Gradually, you will learn about the different approaches and models of the Security framework and explore various authentication models and authorization techniques, such as social media-based authentication and safe storage using app secrets. By the end of the book, you will get to know the concepts and usage of the emerging fields, such as DevOps, BigData, architectural practices, and Artificial Intelligence.

Enterprise Cloud Security and Governance. Efficiently set data protection and privacy principles

Zeal Vora

Modern day businesses and enterprises are moving to the Cloud, to improve efficiency and speed, achieve flexibility and cost effectiveness, and for on-demand Cloud services. However, enterprise Cloud security remains a major concern because migrating to the public Cloud requires transferring some control over organizational assets to the Cloud provider. There are chances these assets can be mismanaged and therefore, as a Cloud security professional, you need to be armed with techniques to help businesses minimize the risks and misuse of business data.The book starts with the basics of Cloud security and offers an understanding of various policies, governance, and compliance challenges in Cloud. This helps you build a strong foundation before you dive deep into understanding what it takes to design a secured network infrastructure and a well-architected application using various security services in the Cloud environment.Automating security tasks, such as Server Hardening with Ansible, and other automation services, such as Monit, will monitor other security daemons and take the necessary action in case these security daemons are stopped maliciously. In short, this book has everything you need to secure your Cloud environment with. It is your ticket to obtain industry-adopted best practices for developing a secure, highly available, and fault-tolerant architecture for organizations.

Enterprise Security: A Data-Centric Approach to Securing the Enterprise. A guide to applying data-centric security concepts for securing enterprise data to enable an agile enterprise

Aaron Woody

Enterprise security redefined using a data-centric approach and trust models to transform information security into a business enablement process. It is a unique and forward thinking approach for deciding the best method to secure data in the enterprise, the cloud, and in BYOD environments.Enterprise Security: A Data-Centric Approach to Securing the Enterprise will guide you through redefining your security architecture to be more affective and turn information security into a business enablement process rather than a roadblock. This book will provide you with the areas where security must focus to ensure end-to-end security throughout the enterprise-supporting enterprise initiatives such as cloud and BYOD. Enterprise Security: A Data-Centric Approach to Securing the Enterprise will first introduce the reader to a new security architecture model and then explores the must have security methods and new tools that can used to secure the enterprise.This book will take a data-centric approach to securing the enterprise through the concept of Trust Models and building a layered security implementation focused on data. This is not your traditional security book focused on point solutions and the network aspect of security. This book combines best practice methods with new methods to approach enterprise security and how to remain agile as the enterprise demands more access to data from traditionally untrusted assets, hosted solutions, and third parties. Applied Information Security - A Data-Centric Approach to Securing the Enterprise will provide the reader an easy-to-follow flow from architecture to implementation, diagrams and recommended steps, and resources for further research and solution evaluation.This book is a reference and guide for all levels of enterprise security programs that have realized that non-data centric security is no longer practical and new methods must be used to secure the most critical assets in the enterprise.

Essential Cryptography for JavaScript Developers. A practical guide to leveraging common cryptographic operations in Node.js and the browser

Alessandro Segala

If you’re a software developer, this book will give you an introduction to cryptography, helping you understand how to make the most of it for your applications. The book contains extensive code samples in JavaScript, both for Node.js and for frontend apps running in a web browser, although the core concepts can be used by developers working with any programming language and framework.With a purely hands-on approach that is focused on sharing actionable knowledge, you’ll learn about the common categories of cryptographic operations that you can leverage in all apps you’re developing, including hashing, encryption with symmetric, asymmetric and hybrid ciphers, and digital signatures. You’ll learn when to use these operations and how to choose and implement the most popular algorithms to perform them, including SHA-2, Argon2, AES, ChaCha20-Poly1305, RSA, and Elliptic Curve Cryptography. Later, you’ll learn how to deal with password and key management. All code in this book is written in JavaScript and designed to run in Node.js or as part of frontend apps for web browsers.By the end of this book, you'll be able to build solutions that leverage cryptography to protect user privacy, offer better security against an expanding and more complex threat landscape, help meet data protection requirements, and unlock new opportunities.