book

Advanced Persistent Security

by Ira Winkler, Araceli Treu Gomes

November 2016

Intermediate to advanced

260 pages

7h 31m

English

Syngress

Read now

Unlock full access

ProtectionDetectionReactionDefense in DepthWhat is Advanced Persistent Security?Advanced Persistent Threat and Advanced Persistent SecurityApplying Advanced Persistent Security to the Sony Hack

Confidentiality, Integrity, and AvailabilityComputer Network AttackComputer Network ExploitationComputer Network Defense
Kill Chain BasicsChanging the GameThreat HuntingSummary
Death by 1000 CutsUnderstanding RiskRisk Optimization Versus Risk MinimizationPractical ImplementationGetting the Budget You Need, Not the Budget You Deserve
Security ResearchersTwo Ways to Hack a Computer or Other TechnologyTechnology Is Irrelevant
Why Threats Are Important to ConsiderWho Threats Versus What ThreatsMalignant Threats Versus Malicious ThreatsAdversary CategorizationThreat Summary
Highly Sophisticated Adversary InfrastructureDeep/Dark WebTorBitcoinBotnetsRansomwareSecurity ResearchersLeased or Purchased MalwareBrokerage or Escrow of DataHackers for HireEncrypted AppsSummary
The Importance of Security Policies, Standards, Guidelines, and ProceduresStandardsPoliciesProceduresGuidelinesSummary
Operational VulnerabilitiesPersonnel VulnerabilitiesPhysical VulnerabilitiesTechnical VulnerabilitiesSummary
Operational CountermeasuresPersonnel CountermeasuresPhysical CountermeasuresTechnical CountermeasuresSummary
What is Security Culture?Forming a Security CultureThe ABCs of BehaviorElements of a Security Awareness ProgramManagement SupportSummary
Types of Threat IntelligenceThreat Intelligence PlatformsThreat Intelligence Platform CapabilitiesSummary
Prevention Is InsufficientLasting Damage Follows After Initial CompromiseDetermine What Is to Be DetectedDetermine where to LookEnable the Detection Capabilities that you haveHuman Intrusion Detection SystemsSummary
What Is ADD?What Is DDD?Diagnosing DDDTreating DDDSummary
Perform Positive OutreachIf You See Something, Say SomethingKnowing What to Look forIt's Better to Be Safe Than SorryEliminate Punishments When Reporting IncidentsImplement Rewards for DetectionKnowing How to Report ThingsSummary
Why the Kill Chain Is in DetectionWhat Is a Kill Chain?The Cyber Kill ChainApplying the Cyber Kill Chain to DetectionApplying the Kill Chain to Protection and ReactionSummary
Executive SupportDefine Your TeamDefine an IncidentControls Success Versus Program SuccessMetrics: A Tale of Two LensesSummary
Incident Response is ComplicatedProper TrainingOrder of OperationsThe IR ImperativeHouston, We Have a Standard!Response Readiness AssessmentForensic ReadinessSummary
Is There Proper Governance in Place?How Many People Are There in the Enterprise?What Is the Range of Job Functions?What Information Is Involved?What Industry Are You in?What Is Your Technology Posture?Are There Special Technologies in Use?Do You Understand Your Network?Perform a Security AssessmentWhat Is Your Physical Security Posture?How Is Data Transported?Who Are Your Adversaries?What Is the Security Posture of Similar Enterprises?Summary
List the Most Likely ThreatsDetail the Likely Attack StrategiesDefine Vulnerabilities to Be ExploitedPrioritize Vulnerabilities by Potential Loss and Likelihood to Be ExploitedSummary
Implement Proper GovernanceAssess the Program in PlaceReview Past IncidentsDetermine Information and Other ResourcesReview The Vulnerability AnalysisCreate Potential Attack ScenariosSummary
Addressing VulnerabilitiesEvaluate the Completeness of Protection, Detection, and ReactionPerforming a Cost/Benefit Sanity CheckSummary
Adaptive Persistent SecuritySummary

Content preview from Advanced Persistent Security

Chapter 1

What Is Advanced Persistent Security?

Abstract

The Sony hack is iconic in many ways. The attack devastated the organization, yet many chief information security officers (CISOs) defend Sony saying that the attack was inevitable. We, however, believe that although the attackers inevitably might have been able to gain access, it does not mean that the damage was inevitable.

Protection might inevitably fail, but if that failure can be detected and then the appropriate reaction implemented, the security program will not fail. Security is a program of combined protection, detection, and reaction. Although we do advocate Defense in Depth, it does need to be combined with the detection and reaction strategies.

Keywords

Advanced persistent threat; ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Publisher Resources

ISBN: 9780128093658

Advanced Persistent Security

by Ira Winkler, Araceli Treu Gomes

What Is Advanced Persistent Security?

Abstract

Keywords

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Advanced Persistent Threat

Enhanced Cyber Resilience Solution by Threat Detection using IBM Cloud Object Storage System and IBM QRadar SIEM

The Ransomware Threat Landscape

Securing the Internet of Things

Publisher Resources

Abstract

Keywords

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

Advanced Persistent Threat

Enhanced Cyber Resilience Solution by Threat Detection using IBM Cloud Object Storage System and IBM QRadar SIEM

The Ransomware Threat Landscape

Securing the Internet of Things

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.