Practical Security - Roman Zabicki

Practical Security

Simple Practices for Defending Your Systems

(Author)

Book | Softcover
132 pages
2019
Pragmatic Bookshelf (Publisher)
978-1-68050-634-1 (ISBN)
24,10 incl. VAT

Most security professionals don't have the words security or hacker in their job title. Instead, as a developer or admin you often have to fit in security alongside your official responsibilities - building and maintaining computer systems. Implement the basics of good security now, and you'll have a solid foundation if you bring in a dedicated security staff later. Identify the weaknesses in your system, and defend against the attacks most likely to compromise your organization, without needing to become a trained security professional.

Computer security is a complex issue. But you don't have to be an expert in all the esoteric details to prevent many common attacks. Attackers are opportunistic and won't use a complex attack when a simple one will do. You can get a lot of benefit without too much complexity, by putting systems and processes in place that ensure you aren't making the obvious mistakes. Secure your systems better, with simple (though not always easy) practices.

Plan to patch often to improve your security posture. Identify the most common software vulnerabilities, so you can avoid them when writing software. Discover cryptography - how it works, how easy it is to get wrong, and how to get it right. Configure your Windows computers securely. Defend your organization against phishing attacks with training and technical defenses.

Make simple changes to harden your system against attackers.

What You Need: You don't need any particular software to follow along with this book. Examples in the book describe security vulnerabilities and how to look for them. These examples will be more interesting if you have access to a code base you've worked on. Similarly, some examples describe network vulnerabilities and how to detect them. These will be more interesting with access to a network you support.

Roman Zabicki has a BA in computer science from the University of Chicago. He's worked in software full-time since 1999. Today he works at Relativity, a Chicago-based software company. At Relativity, he leads the sec ops team within Calder7, Relativity's security team. He's a lifelong Chicagoan and lives in Chicago with his wife Marnie and their children.

Acknowledgments
Introduction
Who Is This Book For?
What’s in This Book
Online Resources
Patching
Upgrading Third-Party Libraries and Software
Library Inventory
Network Inventory
Patching Windows
Finding Published Vulnerabilities
Testing Your Patches
If Patching Hurts, Do It More Often
A Practical Application of Fear
What’s Next?
Vulnerabilities
SQL Injection
Cross-Site Scripting (XSS)
Cross-Site Request Forgery (XSRF)
Misconfiguration
Suggested Reading
What’s Next?
Cryptography
Don’t Roll Your Own Crypto
Don’t Use Low-Level Crypto Libraries
Evaluating Crypto Libraries Without Being a Crypto Expert
Password Storage
Storing Passwords When You’re the Client
Minimizing the Cost of Credential Loss
Keeping Passwords Hard to Predict
TLS Configuration
What’s Next?
Windows
Windows Users
Login and Mimikatz
Password Policy
Active Directory: What Else Is It Good For?
BitLocker
What’s Next?
Phishing
Types of Phishing Attacks
Social Defense
Don’t DIY
DNS-Based Defense
Authentication-Based Defense
In-Application Defense
Got Phished. Now What?
Wrapping Up

Publication date
Place of publication: Raleigh
Language: English
Dimensions: 192 x 238 mm
Weight: 268 g
Binding: paperback
Subject area: Computer Science, Networks, Security / Firewall
Keywords: Computer security • IT security • Network security • Phishing
ISBN-10: 1-68050-634-X / 168050634X
ISBN-13: 978-1-68050-634-1 / 9781680506341
Condition: New