book

Advanced Persistent Threat

Name: Advanced Persistent Threat
Author: Eric Cole
ISBN: 9781597499552

by Eric Cole

December 2012

Intermediate to advanced

320 pages

11h 11m

English

Syngress

Read now

Unlock full access

Cover image
Title page
Table of Contents
Copyright
Dedication
Author Biography
Preface
Section I. Understanding the Problem
Chapter 1. The Changing Threat
IntroductionThe Current LandscapeOrganizations View on SecurityYou will be CompromisedThe Cyber ShopLifterThe New Defense in DepthProactive vs ReactiveLoss of Common SenseIt is All About RiskWhat Was In Place?Pain Killer SecurityReducing the Surface SpaceHTML Embedded EmailBuffer OverflowsMacros in Office DocumentsThe Traditional ThreatCommon ColdReactive SecurityAutomationThe Emerging ThreatAPT—Cyber CancerAdvanced Persistent Threat (APT)APT—Stealthy, Targeted, and Data FocusedCharacteristics of the APTDefending Against the APTAPT vs Traditional ThreatSample APT AttacksAPT Multi-Phased ApproachSummary
Chapter 2. Why are Organizations Being Compromised?
IntroductionDoing Good Things and Doing the Right ThingsSecurity is Not HelplessBeyond Good or BadAttackers are in Your NetworkProactive, Predictive, and AdaptiveExample of How to WinData Centric SecurityMoney Does Not Equal SecurityThe New Approach to APTSelling Security to Your ExecutivesTop Security TrendsSummary

Chapter 3. How are Organizations Being Compromised?
IntroductionWhat are Attackers After?Attacker ProcessReconnaissanceScanningExploitationCreate BackdoorsCover Their TracksCompromising a ServerCompromising a ClientInsider ThreatTraditional SecurityFirewallsDropped PacketsInBound Prevention and OutBound DetectionIntrusion DetectionSummary
Chapter 4. Risk-Based Approach to Security
IntroductionProducts vs. SolutionsLearning from the PastWhat is Risk?Focused SecurityFormal Risk ModelInsurance ModelCalculating RiskSummary
Section II. Emerging Trends
Chapter 5. Protecting Your Data
IntroductionData DiscoveryProtected EnclavesEverything Starts with Your DataCIAData ClassificationEncryptionTypes of EncryptionGoals of EncryptionData at RestData at MotionEncryption—More Than You Bargained ForNetwork Segmentation and De-ScopingEncryption Free ZoneSummary
Chapter 6. Prevention is Ideal but Detection is a Must
IntroductionInbound PreventionOutbound DetectionNetwork vs. HostMaking Hard DecisionsIs AV/Host Protection Dead?Summary
Chapter 7. Incident Response: Respond and Recover
IntroductionThe New RuleSuicidal MindsetIncident ResponseEvents/Audit TrailsSample Incidents6-Step ProcessForensic OverviewSummary
Chapter 8. Technologies for Success
IntroductionIntegrated Approach to APTHow Bad is the Problem?Trying to Hit a Moving TargetFinding the Needle in the HaystackUnderstand What You HaveIdentifying APTMinimizing the ProblemEnd to End Solution for the APTSummary
Section III. The Future and How to Win
Chapter 9. The Changing Landscape: Cloud and Mobilization
IntroductionYou Cannot Fight the CloudIs the Cloud Really New?What is the Cloud?Securing the CloudReducing Cloud Computing RisksMobilization—BYOD (Bring Your Own Device)Dealing with Future TechnologiesSummary
Chapter 10. Proactive Security and Reputational Ranking
IntroductionFacing RealityPredicting Attacks to Become ProactiveChanging How You Think About SecurityThe Problem has ChangedThe APT Defendable NetworkSummary
Chapter 11. Focusing in on the Right Security
IntroductionWhat is the Problem That is Being Solved?If the Offense Knows More Than the Defense You Will LooseEnhancing User AwarenessVirtualized SandboxingPatchingWhite ListingSummary
Chapter 12. Implementing Adaptive Security
IntroductionFocusing on the HumanFocusing on the DataGame PlanPrioritizing RisksKey Emerging TechnologiesThe Critical ControlsSummary
Index

Overview

The newest threat to security has been categorized as the Advanced Persistent Threat or APT. The APT bypasses most of an organization’s current security devices, and is typically carried out by an organized group, such as a foreign nation state or rogue group with both the capability and the intent to persistently and effectively target a specific entity and wreak havoc. Most organizations do not understand how to deal with it and what is needed to protect their network from compromise. In Advanced Persistent Threat: Understanding the Danger and How to Protect your Organization Eric Cole discusses the critical information that readers need to know about APT and how to avoid being a victim.

Advanced Persistent Threat is the first comprehensive manual that discusses how attackers are breaking into systems and what to do to protect and defend against these intrusions.

How and why organizations are being attacked
How to develop a "Risk based Approach to Security"
Tools for protecting data and preventing attacks
Critical information on how to respond and recover from an intrusion
The emerging threat to Cloud based networks

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Proactive EarlyThreat Detection and Securing Oracle Database with IBM QRadar, IBM Security Guardium Data Protection, and IBM Copy Services Manager by using IBM FlashSystem Safeguarded Copy

Shashank Shingornikar, Raninder Ravi Bhandari

Publisher Resources

ISBN: 9781597499491

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills