- Pasta blanda: 261 páginas
- Editor: Oreilly & Associates Inc (21 de abril de 2017)
- Idioma: Inglés
- ISBN-10: 1491960388
- ISBN-13: 978-1491960387
- Dimensiones del producto: 17.5 x 1.3 x 22.9 cm
- Peso del envío: 454 g
- Opinión media de los clientes sobre el producto: Sé el primero en calificar este artículo
- Clasificación en los más vendidos de Amazon: nº1,182 en Libros (Ver el Top 100 en Libros)
Defensive Security Handbook: Best Practices for Securing Infrastructure (Inglés) Pasta blanda – 21 abr 2017
Precio de Amazon
|Nuevo desde||Usado desde|
"Vuelva a intentarlo"
Comprados juntos habitualmente
Los clientes que compraron este producto también compraron
Detalles del producto
Descripción del producto
Descripción del producto
Despite the increase of high-profile hacks, record-breaking data leaks, and ransomware attacks, many organizations don’t have the budget to establish or outsource an information security (InfoSec) program, forcing them to learn on the job. For companies obliged to improvise, this pragmatic guide provides a security-101 handbook with steps, tools, processes, and ideas to help you drive maximum-security improvement at little or no cost.
Each chapter in this book provides step-by-step instructions for dealing with a specific issue, including breaches and disasters, compliance, network infrastructure and password management, vulnerability scanning, and penetration testing, among others. Network engineers, system administrators, and security professionals will learn tools and techniques to help improve security in sensible, manageable chunks.
- Learn fundamentals of starting or redesigning an InfoSec program
- Create a base set of policies, standards, and procedures
- Plan and design incident response, disaster recovery, compliance, and physical security
- Bolster Microsoft and Unix systems, network infrastructure, and password management
- Use segmentation practices and designs to compartmentalize your network
- Explore automated process and tools for vulnerability management
- Securely develop code to reduce exploitable errors
- Understand basic penetration testing concepts through purple teaming
- Delve into IDS, IPS, SOC, logging, and monitoring
Biografía del autor
Lee Brotherston is a Senior Security Advisor with Leviathan Security, providing Information Security consulting services to a range of clients. Having spent more than a decade in Information Security, Lee has worked as an Internal Security resource across many verticals including Finance, Telecommunications, Hospitality, Entertainment, and Government in roles ranging from Engineer to IT Security Manager.
Amanda Berlin is an Information Security Architect for a consulting firm in Northern Ohio. She has spent over a decade in different areas of technology and sectors providing infrastructure support, triage, and design. Amanda has been involved in implementing a secure Payment Card Industries (PCI) process and Health Insurance Portability and Accountability Act (HIPAA) compliance as well as building a comprehensive phishing and awards-based user education program. She is the author for a Blue Team best practices book called "Defensive Security Handbook: Best Practices for Securing Infrastructure" through O'Reilly Media. She is a co-host on the Brakeing Down Security podcast and writes for several blogs. On Twitter, she's @InfoSystir.
Más información del producto
From the Preface
Our goal is to not only make this a standard that can be applied to most enterprise networks, but also be a little entertaining to read along the way. There are already deep-dive standards out there from a variety of government and private organizations that can drone on and on about the validity of one security measure or the next. We want this to be an informative dialog backed by real-life experiences in the industry. There will be good policy, best practices, code snippets, screenshots, walkthroughs, and snark all mixed in together. We want to reach out to the masses—the net admins who can’t get approval to hire help; directors who want to know they aren’t the only ones fighting the battles that we see day in and day out; and the people who are getting their hands dirty in the trenches and aren’t even close to being ready to start down the path of reading whitepapers and RFCs.
Who This Book Is For
This book is designed to serve as a Security 101 handbook that is applicable to as many environments as possible, in order to drive maximum improvement in your security posture for the minimum financial spend. Types of positions that will be able to take away knowledge and actionable data from this include upper-level CIOs, directors, security analysts, systems administrators, and other technological roles.
Navigating the Book
We have deliberately written this so that you do not have to adopt an all-or-nothing approach. Each of the chapters can serve as a standalone body of knowledge for a particular area of interest, meaning that you can pick and choose which subjects work for you and your organization, and ignore any that you feel may not apply. The aim is not to achieve compliance with a particular framework or compliance regime, but to improve on the current situation in sensible, pragmatic, manageable chunks.
We have purposefully ordered this book to begin with the fundamentals of starting or redesigning an information security program. It will take you from the skeleton steps of program creation on a wild rollercoaster ride into the depths of more technical topics.
Opiniones de clientes
|5 estrellas (0%)|
|4 estrellas (0%)|
|3 estrellas (0%)|
|2 estrellas (0%)|
|1 estrella (0%)|
Opiniones de clientes más útiles en Amazon.com
If you are an IT generalist who is interested in learning the basics of Blue Teaming, this book is an excellent place to start.