
Security Intelligence: A Practitioner's Guide to Solving Enterprise Security Challenges

Book Description

Much like unraveling a math word problem, Security Intelligence: A Practitioner's Guide to Solving Enterprise Security Challenges guides you through a deciphering process that translates each security goal into a set of security variables, substitutes each variable with a specific security technology domain, formulates the equation that is the deployment strategy, then verifies the solution against the original problem by analyzing security incidents and mining hidden breaches, and ultimately refines the security formula iteratively in a perpetual cycle. You will learn about:

  • Secure proxies - the necessary extension of the endpoints

  • Application identification and control - visualize the threats

  • Malnets - where is the source of infection and who are the pathogens

  • Identify the security breach - who was the victim and what was the lure

  • Security in mobile computing - SNAFU

With this book, you will be able to:

  • Identify the relevant solutions to secure the infrastructure

  • Construct policies that give users flexibility so as to ensure productivity

  • Deploy effective defenses against the ever evolving web threats

  • Implement solutions that are compliant with relevant rules and regulations

  • Offer insight to developers who are building new security solutions and products

Table of Contents

    1. Cover Page
    2. Title Page
    3. Copyright
    4. Dedication
    5. Credits
    6. About the Authors
    7. Acknowledgments
    8. Contents
    9. Foreword
    10. Preface
    11. CHAPTER 1: Fundamentals of Secure Proxies
      1. Security Must Protect and Empower Users
      2. Conventional Security Solutions
      3. Security Proxy: A Necessary Extension of the End Point
      4. SSL Proxy and Interception
      5. Summary
    12. CHAPTER 2: Proxy Deployment Strategies and Challenges
      1. Definitions of Proxy Types: Transparent Proxy and Explicit Proxy
      2. Inline Deployment of Transparent Proxy: Physical Inline and Virtual Inline
      3. Challenges of Transparent Interception
      4. Asymmetric Traffic Flow Detection and Clustering
      5. Proxy Chaining
      6. Summary
    13. CHAPTER 3: Proxy Policy Engine and Policy Enforcements
      1. Policy System Overview
      2. Policy Updates and Versioning System
      3. Policy Evaluation
      4. Enforcing External Policy Decisions
      5. Summary
    14. CHAPTER 4: Malware and Malware Delivery Networks
      1. Cyber Warfare and Targeted Attacks
      2. Casting the Lures
      3. Malware Delivery Networks
      4. Antivirus Software and End-Point Solutions: The Losing Battle
      5. Summary
    15. CHAPTER 5: Malnet Detection Techniques
      1. Automated URL Reputation System
      2. Dynamic Webpage Content Rating
      3. Detecting Malicious Web Infrastructure
      4. Detecting Malicious Servers with a Honeyclient
      5. Summary
    16. CHAPTER 6: Writing Policies
      1. Overview of the ProxySG Policy Language
      2. Scenarios and Policy Implementation
      3. Data Loss Prevention
      4. Summary
    17. CHAPTER 7: The Art of Application Classification
      1. A Brief History of Classification Technology
      2. Signature-Based Pattern Matching Classification
      3. Machine Learning-Based Classification Technique
      4. Classifier Performance Evaluation
      5. Proxy versus Classifier
      6. Summary
    18. CHAPTER 8: Retrospective Analysis
      1. Data Acquisition
      2. Data Indexing and Query
      3. Notes on Building a Retrospective Analysis System
      4. Summary
    19. CHAPTER 9: Mobile Security
      1. Mobile Device Management, or Lack Thereof
      2. Mobile Applications and Their Impact on Security
      3. Security Threats and Hazards in Mobile Computing
      4. Research Results and Proposed Solutions
      5. Infrastructure-Centric Mobile Security Solution
      6. Summary
    20. Bibliography
    21. Index