Go to A-Z Databases: Books & eBooks to search for more eBooks. Must access on campus or login with your COM account for off campus access.
Want more on finding books or eBooks? Try our How to Use Books & eBooks guides.
Advanced Infrastructure Penetration Testing
A highly detailed guide to performing powerful attack vectors in many hands-on scenarios and defending significant security flaws in your company's infrastructure Key Features Advanced exploitation techniques to breach modern operating systems and complex network devices Learn about Docker breakouts, Active Directory delegation, and CRON jobs Practical use cases to deliver an intelligent endpoint-protected system Book Description It has always been difficult to gain hands-on experience and a comprehensive understanding of advanced penetration testing techniques and vulnerability assessment and management. This book will be your one-stop solution to compromising complex network devices and modern operating systems. This book provides you with advanced penetration testing techniques that will help you exploit databases, web and application servers, switches or routers, Docker, VLAN, VoIP, and VPN. With this book, you will explore exploitation abilities such as offensive PowerShell tools and techniques, CI servers, database exploitation, Active Directory delegation, kernel exploits, cron jobs, VLAN hopping, and Docker breakouts. Moving on, this book will not only walk you through managing vulnerabilities, but will also teach you how to ensure endpoint protection. Toward the end of this book, you will also discover post-exploitation tips, tools, and methodologies to help your organization build an intelligent security system. By the end of this book, you will have mastered the skills and methodologies needed to breach infrastructures and provide complete endpoint protection for your system. What you will learn Exposure to advanced infrastructure penetration testing techniques and methodologies Gain hands-on experience of penetration testing in Linux system vulnerabilities and memory exploitation Understand what it takes to break into enterprise networks Learn to secure the configuration management environment and continuous delivery pipeline Gain an understanding of how to exploit networks and IoT devices Discover real-world, post-exploitation techniques and countermeasures Who this book is for If you are a system administrator, SOC analyst, penetration tester, or a network engineer and want to take your penetration testing skills and security knowledge to the next level, then this book is for you. Some prior experience with penetration testing tools and knowledge of Linux and Windows command-line syntax is beneficial.
The Art of Attack: Attacker Mindset for Security Professionals
Take on the perspective of an attacker with this insightful new resource for ethical hackers, pentesters, and social engineers In The Art of Attack: Attacker Mindset for Security Professionals, experienced physical pentester and social engineer Maxie Reynolds untangles the threads of a useful, sometimes dangerous, mentality. The book shows ethical hackers, social engineers, and pentesters what an attacker mindset is and how to use it to their advantage. Adopting this mindset will result in the improvement of security, offensively and defensively, by allowing you to see your environment objectively through the eyes of an attacker. The book shows you the laws of the mindset and the techniques attackers use, from persistence to "start with the end" strategies and non-linear thinking, that make them so dangerous. You'll discover: A variety of attacker strategies, including approaches, processes, reconnaissance, privilege escalation, redundant access, and escape techniques The unique tells and signs of an attack and how to avoid becoming a victim of one What the science of psychology tells us about amygdala hijacking and other tendencies that you need to protect against Perfect for red teams, social engineers, pentesters, and ethical hackers seeking to fortify and harden their systems and the systems of their clients, The Art of Attack is an invaluable resource for anyone in the technology security space seeking a one-stop resource that puts them in the mind of an attacker.
Careers in Cybersecurity
Careers in Cybersecurity provides detailed and need-to-know information on various careers in cybersecurity. Each chapter provides a wealth of real-world information including A Day in the Life, Work Environment, Education & Training, Earnings & Advancement, Employment Outlook, and Conversations with Real Professionals, as well as contacts for more information.
Computer Security and Encryption
Because of the rapid growth of cybercrime, cryptography and systemsecurity may be the fastest growing technologies in our culture today. Thisbook describes various aspects of cryptography and system security, with aparticular emphasis on the use of rigorous security models and practices in the design of networks and systems. The first portion of the book presents the overall system security concepts and provides a general overview of its features, such as object model and inter-object communications. The objective is to provide an understanding of the cryptography underpinnings on which therest of the book is based. The book is designed to meet the needs of beginnersas well as more advanced readers. Features: Covers the major components of cryptography and system security, with a particular emphasis on the use of rigorous security models and practices used in the design of networks and systems Includes a discussion of emerging technologies such as Big Data Analytics, cloud computing, Internet of Things (IoT), Smart Grid, SCADA, control systems, and Wireless Sensor Networks (WSN)
Conversations in Cyberspace : Insights on Cyber- Threat Prevention from IT Professionals, Blockchain developers and Growth Hackers
Conversations in Cyberspace is a collection of insights on the current state of security and privacy in the Internet world. The book contains a brief introduction to some of the most used open-source intelligence (OSINT) tools and a selection of interviews with some of the key figures in industrial control systems (ICS), advanced persistent threat (APT) and online/deep web members organizations. It aims to be an introduction to the relationships between security, OSINT and the vast and complex world hiding in the deep web. The information provided will be beneficial to security professionals and system administrators interested in exploring today's concerns in database design, privacy and security-by-design, and deep web members organizations, including Cicada 3301, the Unknowns, Anonymous, and more.
Cyber Resilience
Modern cyber systems acquire more emergent system properties, as far as their complexity increases: cyber resilience, controllability, self-organization, proactive cyber security and adaptability. Each of the listed properties is the subject of cybernetics research and each subsequent feature makes sense only if there is a previous one. Cyber resilience is the most important feature of any cyber system, especially during the transition to the sixth technological stage and related Industry 4.0 technologies: Artificial Intelligence (AI), Cloud and foggy computing, 5G +, IoT/IIoT, Big Data and ETL, Q-computing, Blockchain, VR/AR, etc. We should even consider the cyber resilience as a primary one, because the mentioned systems cannot exist without it. Indeed, without the sustainable formation made of the interconnected components of the critical information infrastructure, it does not make sense to discuss the existence of 4.0 Industry cyber-systems. In cases when the cyber security of these systems is mainly focused on the assessment of the incidents' probability and prevention of possible security threats, the cyber resilience is mainly aimed at preserving the targeted behavior and cyber systems' performance under the conditions of known (about 45 %) as well as unknown (the remaining 55 %) cyber attacks. This monograph shows that modern Industry 4.0. cyber systems do not have the required cyber resilience for targeted performance under heterogeneous mass intruder cyber-attacks. The main reasons include a high cyber system structural and functional complexity, a potential danger of existing vulnerabilities and "sleep" hardware and software tabs, as well as an inadequate efficiency of modern models, methods, and tools to ensure cyber security, reliability, response and recovery. A new formulation of the cyber resilience problem under heterogeneous mass cyber-attacks is proposed, in which the cyber system performance recovery in destructive software impacts prevents significant or catastrophic consequences. Here, the idea of ensuring the cyber resilience is to give the cyber systems the ability to develop immunity to disturbances of the computational processes under destructive influences, by analogy with the immune system protecting a living organism. The book contains three chapters, devoted to the following topics: Development of the Cyber Resilience Management Concept of modern technological platforms and cyber-systems of 4.0 Industry; Development of a corporate cyber risk management methodology; Technical implementation of the corporate program of business sustainability management based on the best practices (standards).
Cybersecurity : A Self-Teaching Introduction
This book is designed to provide the reader with the fundamental concepts of cybersecurity and cybercrime in an easy to understand, "self-teaching" format.It introduces all of the major subjects related to cybersecurity, includingdata security, threats and viruses, malicious software, firewalls and VPNs, security architecture and design, security policies, cyberlaw, cloud security, and more. Features: Provides an overview ofcybersecurity and cybercrime subjects in an easy to understand, "self-teaching"format Covers security related to emerging technologies such as cloud security, IoT, AES, and grid challenges Includes discussion of information systems, cryptography, data andnetwork security, threats and viruses, electronic payment systems, malicioussoftware, firewalls and VPNs, security architecture and design, securitypolicies, cyberlaw, and more.
Cybersecurity: Current Writings on Threats and Protection
This handbook of cybersecurity best practices is for public officials and citizens, employers and employees, corporations and consumers. Essays also address the development of state-of-the-art software systems and hardware for public and private organizations.
Cyber Security in Parallel and Distributed Computing
The book contains several new concepts, techniques, applications and case studies for cyber securities in parallel and distributed computing The main objective of this book is to explore the concept of cybersecurity in parallel and distributed computing along with recent research developments in the field. Also included are various real-time/offline applications and case studies in the fields of engineering and computer science and the modern tools and technologies used. Information concerning various topics relating to cybersecurity technologies is organized within the sixteen chapters of this book. Some of the important topics covered include: Research and solutions for the problem of hidden image detection Security aspects of data mining and possible solution techniques A comparative analysis of various methods used in e-commerce security and how to perform secure payment transactions in an efficient manner Blockchain technology and how it is crucial to the security industry Security for the Internet of Things Security issues and challenges in distributed computing security such as heterogeneous computing, cloud computing, fog computing, etc. Demonstrates the administration task issue in unified cloud situations as a multi-target enhancement issue in light of security Explores the concepts of cybercrime and cybersecurity and presents the statistical impact it is having on organizations Security policies and mechanisms, various categories of attacks (e.g., denial-of-service), global security architecture, along with distribution of security mechanisms Security issues in the healthcare sector with existing solutions and emerging threats.
Developing a Cybersecurity Immune System for Industry 4. 0
Cyber immune systems try to mimic the adaptive immune system of humans and animals because of their capability to detect and fend off new, unseen pathogens. Today's current cybersecurity systems provide an effective defense mechanism against known cyber-attacks but are not so good when it comes to defending against unknown attacks. This book describes the possible development and organization of self-healing computing based on cyber immunity techniques and aimed at working in the new realm of Industry 4.0. Industry 4.0 is the trend towards automation and data exchange in manufacturing technologies and processes which include cyber-physical systems (CPS), the internet of things (IoT), industrial internet of things (IIOT), cloud computing, cognitive computing and artificial intelligence. The book describes the author's research and development of cyber-immunity systems that will prevent the destruction of critical information infrastructure by future unknown cyber-attacks and thus avoid the significant or catastrophic consequences of such attacks. The book is designed for undergraduate and post-graduate students, for engineers in related fields as well as managers of corporate and state structures, chief information officers (CIO), chief information security officers (CISO), architects, and research engineers in the field of cybersecurity. This book contains four chapters Cyber Immunity Concept of the Industry 4.0; Mathematical Framework for Immune Protection of Industry 4.0; Trends and prospects of the development of Immune Protection of Industry 4.0; From detecting cyber-attacks to self-healing Industry 4.0
Empirical Research for Software Security
Developing secure software requires the integration of numerous methods and tools into the development process, and software design is based on shared expert knowledge, claims, and opinions. Empirical methods, including data analytics, allow extracting knowledge and insights from the data that organizations collect from their processes and tools, and from the opinions of the experts who practice these processes and methods. This book introduces the reader to the fundamentals of empirical research methods, and demonstrates how these methods can be used to hone a secure software development lifecycle based on empirical data and published best practices.
Hands-On Cybersecurity with Blockchain
Develop blockchain application with step-by-step instructions, working example and helpful recommendations Key Features Understanding the blockchain technology from the cybersecurity perspective Developing cyber security solutions with Ethereum blockchain technology Understanding real-world deployment of blockchain based applications Book Description Blockchain technology is being welcomed as one of the most revolutionary and impactful innovations of today. Blockchain technology was first identified in the world's most popular digital currency, Bitcoin, but has now changed the outlook of several organizations and empowered them to use it even for storage and transfer of value. This book will start by introducing you to the common cyberthreat landscape and common attacks such as malware, phishing, insider threats, and DDoS. The next set of chapters will help you to understand the workings of Blockchain technology, Ethereum and Hyperledger architecture and how they fit into the cybersecurity ecosystem. These chapters will also help you to write your first distributed application on Ethereum Blockchain and the Hyperledger Fabric framework. Later, you will learn about the security triad and its adaptation with Blockchain. The last set of chapters will take you through the core concepts of cybersecurity, such as DDoS protection, PKI-based identity, 2FA, and DNS security. You will learn how Blockchain plays a crucial role in transforming cybersecurity solutions. Toward the end of the book, you will also encounter some real-world deployment examples of Blockchain in security cases, and also understand the short-term challenges and future of cybersecurity with Blockchain. What you will learn Understand the cyberthreat landscape Learn about Ethereum and Hyperledger Blockchain Program Blockchain solutions Build Blockchain-based apps for 2FA, and DDoS protection Develop Blockchain-based PKI solutions and apps for storing DNS entries Challenges and the future of cybersecurity and Blockchain Who this book is for The book is targeted towards security professionals, or any stakeholder dealing with cybersecurity who wants to understand the next-level of securing infrastructure using Blockchain. Basic understanding of Blockchain can be an added advantage.
IoT Security Issues
IoT Security Issues looks at the burgeoning growth of devices of all kinds controlled over the Internet of all varieties, where product comes first and security second. In this case, security trails badly. This book examines the issues surrounding these problems, vulnerabilities, what can be done to solve the problem, investigating the stack for the roots of the problems and how programming and attention to good security practice can combat the problems today that are a result of lax security processes on the Internet of Things. This book is for people interested in understanding the vulnerabilities on the Internet of Things, such as programmers who have not yet been focusing on the IoT, security professionals and a wide array of interested hackers and makers. This book assumes little experience or knowledge of the Internet of Things. To fully appreciate the book, limited programming background would be helpful for some of the chapters later in the book, though the basic content is explained. The author, Alasdair Gilchrist, has spent 25 years as a company director in the fields of IT, Data Communications, Mobile Telecoms and latterly Cloud/SDN/NFV technologies, as a professional technician, support manager, network and security architect. He has project-managed both agile SDLC software development as well as technical network architecture design. He has experience in the deployment and integration of systems in enterprise, cloud, fixed/mobile telecoms, and service provider networks. He is therefore knowledgeable in a wide range of technologies and has written a number of books in related fields.
Navigating the Cybersecurity Career Path
Land the perfect cybersecurity role--and move up the ladder--with this insightful resource Finding the right position in cybersecurity is challenging. Being successful in the profession takes a lot of work. And becoming a cybersecurity leader responsible for a security team is even more difficult. In Navigating the Cybersecurity Career Path, decorated Chief Information Security Officer Helen Patton delivers a practical and insightful discussion designed to assist aspiring cybersecurity professionals entering the industry and help those already in the industry advance their careers and lead their first security teams. In this book, readers will find: Explanations of why and how the cybersecurity industry is unique and how to use this knowledge to succeed Discussions of how to progress from an entry-level position in the industry to a position leading security teams and programs Advice for every stage of the cybersecurity career arc Instructions on how to move from single contributor to team leader, and how to build a security program from scratch Guidance on how to apply the insights included in this book to the reader's own situation and where to look for personalized help A unique perspective based on the personal experiences of a cybersecurity leader with an extensive security background Perfect for aspiring and practicing cybersecurity professionals at any level of their career, Navigating the Cybersecurity Career Path is an essential, one-stop resource that includes everything readers need to know about thriving in the cybersecurity industry.
Security and Privacy in the Digital Era
"The state, that must eradicate all feelings of insecurity, even potential ones, has been caught in a spiral of exception, suspicion and oppression that may lead to a complete disappearance of liberties." --Mireille Delmas Marty, Libertés et sûreté dans un monde dangereux, 2010 This book will examine the security/freedom duo in space and time with regards to electronic communications and technologies used in social control. It will follow a diachronic path from the relative balance between philosophy and human rights, very dear to Western civilization (at the end of the 20th Century), to the current situation, where there seems to be less freedom in terms of security to the point that some scholars have wondered whether privacy should be redefined in this era. The actors involved (the Western states, digital firms, human rights organizations etc.) have seen their roles impact the legal and political science fields.
Successful Cybersecurity Professionals : How to Change Your Behavior to Protect Your Organization
This book provides a unique perspective into the mindset of psychology and cybersecurity. It presents a view of incorporating the latest research in cybersecurity and behavior. The newest cybersecurity challenge is not just understanding cybercriminals' behavior, but our behavior as well, and to realize that some of behaviors could lead us in making bad cybersecurity decisions. By using models and literature rooted in psychology and comparing those to cybersecurity attacks, this book will help those who make crucial cybersecurity decisions to protect their organization, even better decisions. Dr. Brown also presents even a possible theory of cybersecurity. Key areas include: behaviorism; learning models; cybersecurity vulnerabilities; stereotypes; cybersecurity traits; conditioned response; social engineering; deep fakes.