Wydawca: K-i-s-publishing
Cody Jackson, Steven F. Lott
This book covers the unexplored secrets of Python, delve into its depths, and uncover its mysteries.You’ll unearth secrets related to the implementation of the standard library, by looking at how modules actually work. You’ll understand the implementation of collections, decimals, and fraction modules. If you haven’t used decorators, coroutines, and generator functions much before, as you make your way through the recipes, you’ll learn what you’ve been missing out on. We’ll cover internal special methods in detail, so you understand what they are and how they can be used to improve the engineering decisions you make. Next, you’ll explore the CPython interpreter, which is a treasure trove of secret hacks that not many programmers are aware of. We’ll take you through the depths of the PyPy project, where you’ll come across several exciting ways that you can improve speed and concurrency. Finally, we’ll take time to explore the PEPs of the latest versions to discover some interesting hacks.
Alessandro Parisi
Blockchain adoption has extended from niche research to everyday usage. However, despite the blockchain revolution, one of the key challenges faced in blockchain development is maintaining security, and this book will demonstrate the techniques for doing this.You’ll start with blockchain basics and explore various blockchain attacks on user wallets, and denial of service and pool mining attacks. Next, you’ll learn cryptography concepts, consensus algorithms in blockchain security, and design principles while understanding and deploying security implementation guidelines. You’ll not only cover architectural considerations, but also work on system and network security and operational configurations for your Ethereum and Hyperledger Fabric network. You’ll later implement security at each level of blockchain app development, understanding how to secure various phases of a blockchain app using an example-based approach. You’ll gradually learn to securely implement and develop decentralized apps, and follow deployment best practices. Finally, you’ll explore the architectural components of Hyperledger Fabric, and how they can be configured to build secure private blockchain networks.By the end of this book, you’ll have learned blockchain security concepts and techniques that you can implement in real blockchain production environments.
Dominiek Verham, Johan Vanneuville, Christiaan Brinkhoff, Scott...
Do you want to effectively implement and maintain secure virtualized systems? This book will give you a comprehensive understanding of Microsoft virtual endpoints, from the fundamentals of Windows 365 and Azure Virtual Desktop to advanced security measures, enabling you to secure, manage, and optimize virtualized environments in line with contemporary cybersecurity challenges.You’ll start with an introduction to Microsoft technologies, gaining a foundational understanding of their capabilities. Next, you’ll delve into the importance of endpoint security, addressing the challenges faced by companies in safeguarding their digital perimeters. This book serves as a practical guide to securing virtual endpoints, covering topics such as network access, data leakage prevention, update management, threat detection, and access control configuration. As you progress, the book offers insights into the nuanced security measures required for Windows 365, Azure Virtual Desktop, and the broader Microsoft Azure infrastructure. The book concludes with real-world use cases, providing practical scenarios for deploying Windows 365 and Azure Virtual Desktop.By the end of this book, you’ll be equipped with practical skills for implementing and evaluating robust endpoint security strategies.
IT Governance Publishing, Lee Newcombe
Cloud computing plays a critical role in modern business, but with it comes a host of security challenges. This book explores the intricacies of securing cloud services, starting with foundational concepts of cloud computing and moving into specific service and deployment models. It provides insights into balancing security benefits with potential risks such as availability issues, shadow IT, and information leakage. The book goes on to focus on security threats, from hackers and insiders to government entities, while offering strategies to mitigate these risks. The practical approach continues with a deep dive into security architecture, providing a structured model to secure cloud environments across IaaS, PaaS, SaaS, and more. Further, it examines the regulatory landscape, including compliance requirements, privacy concerns, and data protection laws that impact cloud service security. Finally, the book concludes with projections about the future of cloud security and emerging challenges. Readers will gain not only the theoretical foundations but also real-world insights that they can apply to strengthen their cloud service security.
Securing Hadoop. Implement robust end-to-end security for your Hadoop ecosystem
Sudheesh Narayan
Security of Big Data is one of the biggest concerns for enterprises today. How do we protect the sensitive information in a Hadoop ecosystem? How can we integrate Hadoop security with existing enterprise security systems? What are the challenges in securing Hadoop and its ecosystem? These are the questions which need to be answered in order to ensure effective management of Big Data. Hadoop, along with Kerberos, provides security features which enable Big Data management and which keep data secure.This book is a practitioner's guide for securing a Hadoop-based Big Data platform. This book provides you with a step-by-step approach to implementing end-to-end security along with a solid foundation of knowledge of the Hadoop and Kerberos security models.This practical, hands-on guide looks at the security challenges involved in securing sensitive data in a Hadoop-based Big Data platform and also covers the Security Reference Architecture for securing Big Data. It will take you through the internals of the Hadoop and Kerberos security models and will provide detailed implementation steps for securing Hadoop. You will also learn how the internals of the Hadoop security model are implemented, how to integrate Enterprise Security Systems with Hadoop security, and how you can manage and control user access to a Hadoop ecosystem seamlessly. You will also get acquainted with implementing audit logging and security incident monitoring within a Big Data platform.
Jalal Bouhdada, Marco Ayala
As modern process facilities become increasingly sophisticated and vulnerable to cyber threats, securing critical infrastructure is more crucial than ever. This book offers an indispensable guide to industrial cybersecurity and Safety Instrumented Systems (SIS), vital for maintaining the safety and reliability of critical systems and protecting your operations, personnel, and assets.Starting with SIS design principles, the book delves into the architecture and protocols of safety networks. It provides hands-on experience identifying vulnerabilities and potential attack vectors, exploring how attackers might target SIS components. You’ll thoroughly analyze Key SIS technologies, threat modeling, and attack techniques targeting SIS controllers and engineer workstations. The book shows you how to secure Instrument Asset Management Systems (IAMS), implement physical security measures, and apply integrated risk management methodologies. It also covers compliance with emerging cybersecurity regulations and industry standards worldwide.By the end of the book, you’ll have gained practical insights into various risk assessment methodologies and a comprehensive understanding of how to effectively protect critical infrastructure.
Securing Network Infrastructure. Discover practical network security with Nmap and Nessus 7
Sairam Jetty, Sagar Rahalkar
Digitization drives technology today, which is why it’s so important for organizations to design security mechanisms for their network infrastructures. Analyzing vulnerabilities is one of the best ways to secure your network infrastructure.This Learning Path begins by introducing you to the various concepts of network security assessment, workflows, and architectures. You will learn to employ open source tools to perform both active and passive network scanning and use these results to analyze and design a threat model for network security. With a firm understanding of the basics, you will then explore how to use Nessus and Nmap to scan your network for vulnerabilities and open ports and gain back door entry into a network. As you progress through the chapters, you will gain insights into how to carry out various key scanning tasks, including firewall detection, OS detection, and access management to detect vulnerabilities in your network.By the end of this Learning Path, you will be familiar with the tools you need for network scanning and techniques for vulnerability scanning and network protection.This Learning Path includes content from the following Packt books:•Network Scanning Cookbook by Sairam Jetty•Network Vulnerability Assessment by Sagar Rahalkar
Tom Piens aka 'reaper'
This book builds on the content found in Mastering Palo Alto Networks, focusing on the different methods of establishing remote connectivity, automating log actions, and protecting against phishing attacks through user credential detection.Complete with step-by-step instructions, practical examples, and troubleshooting tips, you will gain a solid understanding of how to configure and deploy Palo Alto Networks remote access products. As you advance, you will learn how to design, deploy, and troubleshoot large-scale end-to-end user VPNs. Later, you will explore new features and discover how to incorporate them into your environment.By the end of this Palo Alto Networks book, you will have mastered the skills needed to design and configure SASE-compliant remote connectivity and prevent credential theft with credential detection.
Rinaldi Vincenzo, Luca Masini, Vincenzo Rinaldi
Security is a must in modern Enterprise architecture, and WebLogic implements a very complete and complex architecture for configuration and implementation, and we need to deeply know in technologies, terminology and how the security process works between all actors.Transparent security of your applications and Weblogic infrastructure need a good knowledge of the issues you can incur in this long and error prone configuration process.Securing WebLogic Server 12c will simplify a complex world like WebLogic Security, helping the reader to implement and configure. It's the only fast guide that will let you develop and deploy in a production system with best practices both from the development world and the operation world.This book will try to make a clear picture of Java EE Security with clean and simple step-by-step examples that will guide the reader to security implementation and configurationFrom the concepts of Java EE Security to the development of secure application, from the configuration of a realm to the setup of Kerberos Single Sign on, every concept is expressed in simple terms and surrounded by examples and pictures. Finally, also a way to develop WebLogic Security Providers with Maven, so that you can add the security part of your infrastructure to your enterprise best practices.
Akash Mahajan, MADHU AKULA
Security automation is one of the most interesting skills to have nowadays. Ansible allows you to write automation procedures once and use them across your entire infrastructure. This book will teach you the best way to use Ansible for seemingly complex tasks by using the various building blocks available and creating solutions that are easy to teach others, store for later, perform version control on, and repeat.We’ll start by covering various popular modules and writing simple playbooks to showcase those modules. You’ll see how this can be applied over a variety of platforms and operating systems, whether they are Windows/Linux bare metal servers or containers on a cloud platform. Once the bare bones automation is in place, you’ll learn how to leverage tools such as Ansible Tower or even Jenkins to create scheduled repeatable processes around security patching, security hardening, compliance reports, monitoring of systems, and so on. Moving on, you’ll delve into useful security automation techniques and approaches, and learn how to extend Ansible for enhanced security. While on the way, we will tackle topics like how to manage secrets, how to manage all the playbooks that we will create and how to enable collaboration using Ansible Galaxy. In the final stretch, we’ll tackle how to extend the modules of Ansible for our use, and do all the previous tasks in a programmatic manner to get even more powerful automation frameworks and rigs.
Corey Charles Sr., Frank McMahon
Designed to address the most common pain point for security teams—scalability—Security Automation with Python leverages the author’s years of experience in vulnerability management to provide you with actionable guidance on automating security workflows to streamline your operations and improve your organization’s overall security posture.What makes this book stand out is its hands-on approach. You won’t just learn theoretical concepts—you’ll apply Python-based automation techniques directly to real-world scenarios. Whether you're automating vulnerability scans, managing firewall rules, or responding to security incidents, this book provides clear examples and use cases, breaking down complex topics into easily digestible steps. With libraries like Paramiko, Requests, and PyAutoGUI, you’ll automate everything from network scanning and threat intelligence gathering to system patching and alert management. Plus, this book focuses heavily on practical tips for error handling, scaling automation workflows, and integrating Python scripts into larger security infrastructures.By the end of this book, you'll have developed a set of highly valuable skills, from creating custom automation scripts to deploying them in production environments, and completed projects that can be immediately put to use in your organization.
Bogdan Kireeve, Chas Clawson
Modernize your security operations with Sumo Logic’s Continuous Intelligence Platform that delivers real-time detection, analysis, and response to threats, and find out how it enables security teams to unify monitoring, apply advanced analytics, and strengthen defenses across diverse environments.Step by step, this guide takes you through configuring Sumo Logic to ingest and visualize log data, running versatile queries, and using Security Apps to meet compliance and audit demands. You’ll learn how to take full advantage of Cloud SIEM by creating enriched records, building correlation rules, proactively threat hunting, and tuning signals to reduce false positives.Beyond traditional SIEM use cases, discover how Sumo Logic supports modern DevSecOps practices that embed security into the development lifecycle without compromising delivery speed and features such as entity inventory, third-party integrations, and best practices that enhance investigation and detection accuracy.Finally, you’ll prepare for the future of security intelligence, where automation, machine learning, and AI-driven insights reshape threat defense, ensuring you’re ready to transform your security operations with Sumo Logic Cloud SIEM.*Email sign-up and proof of purchase required
Rajneesh Gupta, Santiago Bassett
Strengthen your cybersecurity posture with Wazuh’s powerful security monitoring and compliance capabilities.Security Monitoring with Wazuh is a comprehensive, hands-on guide that helps you deploy, configure, and optimize Wazuh to detect threats, automate incident response, and enforce compliance. With real-world use cases, step-by-step configurations, and tool integrations, this book equips you to build an enterprise-grade defense system.You'll begin by setting up an Intrusion Detection System (IDS) using Wazuh and integrating Suricata to monitor network and host-based threats. Moving forward, you'll explore malware detection, vulnerability assessment, and security automation with SOAR. The book also covers threat intelligence, incident response, and proactive threat hunting, helping you detect and mitigate cybersecurity risks effectively.Beyond detection, you'll enforce compliance with industry standards such as MITRE ATT&CK, PCI DSS, and GDPR, ensuring regulatory adherence and security best practices. By integrating Wazuh with TheHive, Cortex, MISP, and other security tools, you'll streamline threat analysis and response.By the end of this book, you'll master Wazuh's full potential, enabling you to deploy, manage, and enhance security monitoring across your infrastructure—from on-premises to cloud environments.
Benjamin Kovacevic, Nicholas Dicola
What your journey will look likeWith the help of this expert-led book, you’ll become well versed with SOAR, acquire new skills, and make your organization's security posture more robust.You’ll start with a refresher on the importance of understanding cyber security, diving into why traditional tools are no longer helpful and how SOAR can help.Next, you’ll learn how SOAR works and what its benefits are, including optimized threat intelligence, incident response, and utilizing threat hunting in investigations.You’ll also get to grips with advanced automated scenarios and explore useful tools such as Microsoft Sentinel, Splunk SOAR, and Google Chronicle SOAR.The final portion of this book will guide you through best practices and case studies that you can implement in real-world scenarios.By the end of this book, you will be able to successfully automate security tasks, overcome challenges, and stay ahead of threats.
Weimin Sun, Xun (Brian) Wu, Angela Kwok
The failure of initial coin offerings (ICOs) is no accident, as most ICOs do not link to a real asset and are not regulated. Realizing the shortcomings of ICOs, the blockchain community and potential investors embraced security token offerings (STOs) and stablecoins enthusiastically.In this book, we start with an overview of the blockchain technology along with its basic concepts. We introduce the concept behind STO, and cover the basic requirements for launching a STO and the relevant regulations governing its issuance. We discuss U.S. securities laws development in launching security digital tokens using blockchain technology and show some real use cases. We also explore the process of STO launches and legal considerations. We introduce popular security tokens in the current blockchain space and talk about how to develop a security token DApp, including smart contract development for ERC1404 tokens. Later, you'll learn to build frontend side functionalities to interact with smart contracts. Finally, we discuss stablecoin technical design functionalities for issuing and operating STO tokens by interacting with Ethereum smart contracts.By the end of this book, you will have learned more about STOs and gained a detailed knowledge of building relevant applications—all with the help of practical examples.
Security with Go. Explore the power of Golang to secure host, web, and cloud services
John Daniel Leon
Go is becoming more and more popular as a language for security experts. Its wide use in server and cloud environments, its speed and ease of use, and its evident capabilities for data analysis, have made it a prime choice for developers who need to think about security.Security with Go is the first Golang security book, and it is useful for both blue team and red team applications. With this book, you will learn how to write secure software, monitor your systems, secure your data, attack systems, and extract information.Defensive topics include cryptography, forensics, packet capturing, and building secure web applications.Offensive topics include brute force, port scanning, packet injection, web scraping, social engineering, and post exploitation techniques.
Security-Driven Software Development. Learn to analyze and mitigate risks in your software projects
Aspen Olmsted
Extend your software development skills to integrate security into every aspect of your projects. Perfect for any programmer or developer working on mission-critical applications, this hands-on guide helps you adopt secure software development practices. Explore core concepts like security specifi cation, modeling, and threat mitigation with the iterative approach of this book that allows you to trace security requirements through each phase of software development. You won’t stop at the basics; you’ll delve into multiple-layer att acks and develop the mindset to prevent them. Through an example application project involving an entertainment ticketing software system, you’ll look at high-profi le security incidents that have aff ected popular music stars and performers. Drawing from the author’s decades of experience building secure applications in this domain, this book off ers comprehensive techniques where problem-solving meets practicality for secure development.By the end of this book, you’ll have gained the expertise to systematically secure software projects, from crafting robust security specifi cations to adeptly mitigating multifaceted threats, ensuring your applications stand resilient in the face of evolving cybersecurity challenges.
Security+(R) Practice Tests. Prepare for, practice, and pass the CompTIA Security+ exam
Mike Chapple
Security+ certification is the most popular entry-level certification for cybersecurity professionals. It has no work experience requirement, making it accessible to everyone willing to put in the time to prepare for the exam. Security+? Practice Tests are the perfect tools to prepare for the CompTIA Security+ exam.The first six chapters each cover one of the six Security+ domains. Each of those chapters contains around 100 practice test questions covering the material from that domain. The last two chapters each contain a full-length Security+ practice test that’s designed to assess your readiness to take the actual test. At the end of each chapter, you’ll find the answers to all of the questions along with detailed explanations to help reinforce your learning of the material.By the end of the book, you’ll have enough practice to easily ace the CompTIA Security+ exam.
Segment Routing in MPLS Networks. Transition from traditional MPLS to SR-MPLS with TI-LFA FRR
Hemant Sharma, Wendell Odom
In this book, you will learn about segment routing (SR), a cornerstone of modern networking, and topology-independent loop-free alternate (TI-LFA), with hands-on labs to hit the ground running. Written by a key contributor to global segment routing multiprotocol label switching (SR-MPLS) network designs, this book makes learning SR-MPLS both accessible and insightful.The book offers an extensive learning path, taking you from a traditional MPLS network using the label distribution protocol (LDP) to a modern SR-MPLS network using SR, and provides a holistic view of their interworking. You’ll also explore TI-LFA fast reroute protection scenarios, and find out how SR-MPLS strengthens network reliability with its source routing paradigm. Using intermediate system–to–intermediate system (IS-IS) as the foundational link-state routing protocol, the chapters ensure that you get a clear understanding of both SR and IS-IS. Following a consistent network topology throughout, this book enables smooth transitions between scenarios, helping you master the technical concepts without distraction.By the end of this book, you’ll have a solid grasp of MPLS, SR-MPLS, and TI-LFA fast reroute techniques, ready to tackle real-world networking challenges with confidence.
Carl Cocchiaro
The Selenium WebDriver 3.x Technology is an open source API available to test both Browser and Mobile applications. It is completely platform independent in that tests built for one browser or mobile device, will also work on all other browsers and mobile devices. Selenium supports all major development languages which allow it to be tied directly into the technology used to develop the applications. This guide will provide a step-by-step approach to designing and building a data-driven test framework using Selenium WebDriver, Java, and TestNG.The book starts off by introducing users to the Selenium Page Object Design Patterns and D.R.Y Approaches to Software Development. In doing so, it covers designing and building a Selenium WebDriver framework that supports both Browser and Mobile Devices. It will lead the user through a journey of architecting their own framework with a scalable driver class, Java utility classes, JSON Data Provider, Data-Driven Test Classes, and support for third party tools and plugins.Users will learn how to design and build a Selenium Grid from scratch to allow the framework to scale and support different browsers, mobile devices, versions, and platforms, and how they can leverage third party grids in the Cloud like SauceLabs.Other topics covered include designing abstract base and sub-classes, inheritance, dual-driver support, parallel testing, testing multi-branded applications, best practices for using locators, and data encapsulation.Finally, you will be presented with a sample fully-functional framework to get them up and running with the Selenium WebDriver for browser testing.By the end of the book, you will be able to design your own automation testing framework and perform data-driven testing with Selenium WebDriver.
UNMESH GUNDECHA
This book is an incremental guide that will help you learn and use the advanced features of the Selenium toolset including the WebDriver API in various situations to build a reliable test automation. You start off by setting up the test development environment and gain tips on the advanced locater strategy and the effective use of the Selenium WebDriver API. After that, the use of design patterns such as data - driven tests and PageFactory are demonstrated. You will then be familiarised with extending Selenium WebDriver API by implementing custom tasks and setting up your own distributed environment to run tests in parallel for cross-browser testing.Finally, we give you some tips on integrating Selenium WebDriver with other popular tools and testing mobile applications. By the end of this book, you will have learned enough to solve complex testing issues on your own.
UNMESH GUNDECHA
Web technologies are becoming increasingly complex and there is a need to test your web applications against a vast number of browsers and platforms, so you need to build highly reliable and maintainable test automation. This book will help you test your web applications effectively and efficiently with Selenium WebDriver.Selenium Testing Tools Cookbook is an incremental guide that will help you learn and use advanced features of Selenium WebDriver API in various situations for building reliable test automation. You will learn how to effectively use features of Selenium using simple and detailed examples. This book will also teach you best practices, design patterns, and how to extend Selenium.Selenium Testing Tools Cookbook shows developers and testers who already use Selenium, how to go to the next step and build a highly maintainable and reliable test framework using advanced features of the tool.The book starts with tips on advanced location strategy and effective use of Selenium WebDriver API. Then it demonstrates the use of design patterns such as Data Driven Tests and PageFactory for building maintainable test automation. It also explains extending Selenium WebDriver API along with implementing custom tasks and setting up your own distributed environment to run tests in parallel.It concludes with tips on integrating Selenium WebDriver with other popular tools, testing mobile web applications, and capturing videos of test runs. This books provides examples in Java, C#, Ruby, and Python.Selenium Testing Tools Cookbook will help you in building a highly robust and maintainable test automation framework from start to finish.