Fr. 51.90

Practical Vulnerability Management

English · Paperback / Softback

Shipping usually within 1 to 3 weeks (not available at short notice)

Description

Read more

Zusatztext "An easy read and offers comprehensive solutions to keeping an organization secure and always prepared for possible attacks."  —Helga Labus, Help Net Security Informationen zum Autor Andrew Magnusson has been working in the information security field since 2002, in areas ranging from firewall configuration to security consulting to managing SOC2 compliance. As a consultant deploying enterprise vulnerability management tools he has seen how an organization's vulnerability management practices, or lack thereof, affects their overall information security posture. Klappentext Practical Vulnerability Management shows you how to weed out system security weaknesses and squash cyber threats in their tracks. Bugs: they're everywhere. Software, firmware, hardware -- they all have them. Bugs even live in the cloud. And when one of these bugs is leveraged to wreak havoc or steal sensitive information, a company's prized technology assets suddenly become serious liabilities. Fortunately, exploitable security weaknesses are entirely preventable; you just have to find them before the bad guys do. Practical Vulnerability Management will help you achieve this goal on a budget, with a proactive process for detecting bugs and squashing the threat they pose. The book starts by introducing the practice of vulnerability management, its tools and components, and detailing the ways it improves an enterprise's overall security posture. Then it's time to get your hands dirty! As the content shifts from conceptual to practical, you're guided through creating a vulnerability-management system from the ground up, using open-source software. Along the way, you'll learn how to: • Generate accurate and usable vulnerability intelligence • Scan your networked systems to identify and assess bugs and vulnerabilities • Prioritize and respond to various security risks • Automate scans, data analysis, reporting, and other repetitive tasks • Customize the provided scripts to adapt them to your own needs Playing whack-a-bug won't cut it against today's advanced adversaries. Use this book to set up, maintain, and enhance an effective vulnerability management system, and ensure your organization is always a step ahead of hacks and attacks. Leseprobe INTRODUCTION It’s human nature to pay attention to the problems that are big and flashy, attracting lots of interest, such as advanced persistent threat (APT) groups—state-sponsored attackers. APT-linked attackers have compromised major retailers, financial institutions, and even government networks. But when we focus all of our attention on APTs and other headline-generating activity, we miss basic issues. Even though you have new firewalls protecting your system and powerful traffic-monitoring devices, if you don’t keep up with the bread and butter of your security responsibilities, you’re leaving many chinks in your system’s armor. Neglecting the basics, like keeping your systems updated, can lead to serious consequences. Consider this example: suppose you’re an information security manager at a medium-sized e-commerce business. You’ve set up firewalls to block incoming traffic except for traffic to internet-facing services on systems in your demilitarized zone (DMZ) . You’ve turned on egress filtering to block unauthorized exit traffic. An antivirus is on the endpoints, and you’ve hardened your servers. You believe your system is safe.  But an old web service is running on an outdated version of Tomcat on a Linux server in the DMZ. It’s a relic from an ill-advised foray into selling some of your company’s valuable proprietary data to selected business partners. The initiative failed, but because you made some sales, you had a contractual obligation to keep that server up for another year. At the end of the year, the project was quietly shuttered, bu...

Product details

Authors Andrew Magnusson
Publisher No Starch Press
 
Languages English
Product format Paperback / Softback
Released 29.02.2020
 
EAN 9781593279882
ISBN 978-1-59327-988-2
No. of pages 270
Dimensions 178 mm x 235 mm x 12 mm
Subjects Natural sciences, medicine, IT, technology > IT, data processing

COMPUTERS / Security / General, COMPUTERS / Security / Viruses & Malware, Computer programming / software engineering, Computer viruses, Trojans & worms, COMPUTERS / System Administration / Backup & Recovery

Customer reviews

No reviews have been written for this item yet. Write the first review and be helpful to other users when they decide on a purchase.

Write a review

Thumbs up or thumbs down? Write your own review.

For messages to CeDe.ch please use the contact form.

The input fields marked * are obligatory

By submitting this form you agree to our data privacy statement.