book

Advanced Persistent Threat

by Eric Cole

December 2012

Intermediate to advanced

320 pages

11h 11m

English

Syngress

Read now

Unlock full access

IntroductionThe Current LandscapeOrganizations View on SecurityYou will be CompromisedThe Cyber ShopLifterThe New Defense in DepthProactive vs ReactiveLoss of Common SenseIt is All About RiskWhat Was In Place?Pain Killer SecurityReducing the Surface SpaceHTML Embedded EmailBuffer OverflowsMacros in Office DocumentsThe Traditional ThreatCommon ColdReactive SecurityAutomationThe Emerging ThreatAPT—Cyber CancerAdvanced Persistent Threat (APT)APT—Stealthy, Targeted, and Data FocusedCharacteristics of the APTDefending Against the APTAPT vs Traditional ThreatSample APT AttacksAPT Multi-Phased ApproachSummary
IntroductionDoing Good Things and Doing the Right ThingsSecurity is Not HelplessBeyond Good or BadAttackers are in Your NetworkProactive, Predictive, and AdaptiveExample of How to WinData Centric SecurityMoney Does Not Equal SecurityThe New Approach to APTSelling Security to Your ExecutivesTop Security TrendsSummary

IntroductionWhat are Attackers After?Attacker ProcessReconnaissanceScanningExploitationCreate BackdoorsCover Their TracksCompromising a ServerCompromising a ClientInsider ThreatTraditional SecurityFirewallsDropped PacketsInBound Prevention and OutBound DetectionIntrusion DetectionSummary
IntroductionProducts vs. SolutionsLearning from the PastWhat is Risk?Focused SecurityFormal Risk ModelInsurance ModelCalculating RiskSummary
IntroductionData DiscoveryProtected EnclavesEverything Starts with Your DataCIAData ClassificationEncryptionTypes of EncryptionGoals of EncryptionData at RestData at MotionEncryption—More Than You Bargained ForNetwork Segmentation and De-ScopingEncryption Free ZoneSummary
IntroductionInbound PreventionOutbound DetectionNetwork vs. HostMaking Hard DecisionsIs AV/Host Protection Dead?Summary
IntroductionThe New RuleSuicidal MindsetIncident ResponseEvents/Audit TrailsSample Incidents6-Step ProcessForensic OverviewSummary
IntroductionIntegrated Approach to APTHow Bad is the Problem?Trying to Hit a Moving TargetFinding the Needle in the HaystackUnderstand What You HaveIdentifying APTMinimizing the ProblemEnd to End Solution for the APTSummary
IntroductionYou Cannot Fight the CloudIs the Cloud Really New?What is the Cloud?Securing the CloudReducing Cloud Computing RisksMobilization—BYOD (Bring Your Own Device)Dealing with Future TechnologiesSummary
IntroductionFacing RealityPredicting Attacks to Become ProactiveChanging How You Think About SecurityThe Problem has ChangedThe APT Defendable NetworkSummary
IntroductionWhat is the Problem That is Being Solved?If the Offense Knows More Than the Defense You Will LooseEnhancing User AwarenessVirtualized SandboxingPatchingWhite ListingSummary
IntroductionFocusing on the HumanFocusing on the DataGame PlanPrioritizing RisksKey Emerging TechnologiesThe Critical ControlsSummary

Content preview from Advanced Persistent Threat

Chapter 4

Risk-Based Approach to Security

Introduction

Security is a topic that organizations are concerned about. Most people do not even get surprised anymore when they hear about information being compromised and organizations being attacked. Security is a top priority for some individuals, many organizations, and most nations. However, while everyone likes to talk about security, very few organizations really know what it means to “be secure.” It is easy to say you are secure but it is hard for people to quantify and validate that they are implementing the proper level of security. Most people focus on the devastating impact that the APT can have on an organization but do not spend enough time on how to defend against it.

Organizations not ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Proactive EarlyThreat Detection and Securing Oracle Database with IBM QRadar, IBM Security Guardium Data Protection, and IBM Copy Services Manager by using IBM FlashSystem Safeguarded Copy

Shashank Shingornikar, Raninder Ravi Bhandari

Publisher Resources

ISBN: 9781597499491

Advanced Persistent Threat

by Eric Cole

Introduction

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Advanced Persistent Security

Enhanced Cyber Resilience Solution by Threat Detection using IBM Cloud Object Storage System and IBM QRadar SIEM

The Ransomware Threat Landscape

Proactive EarlyThreat Detection and Securing Oracle Database with IBM QRadar, IBM Security Guardium Data Protection, and IBM Copy Services Manager by using IBM FlashSystem Safeguarded Copy

Publisher Resources

Introduction

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

Advanced Persistent Security

Enhanced Cyber Resilience Solution by Threat Detection using IBM Cloud Object Storage System and IBM QRadar SIEM

The Ransomware Threat Landscape

Proactive EarlyThreat Detection and Securing Oracle Database with IBM QRadar, IBM Security Guardium Data Protection, and IBM Copy Services Manager by using IBM FlashSystem Safeguarded Copy

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.