Master the tactics and tools of the advanced persistent threat hackerIn this book, IT security expert Tyler Wrightson reveals the mindset, skills, and effective attack vectors needed to compromise any target of choice. Advanced Persistent Threat Hacking discusses the strategic issues that make all organizations vulnerable and provides noteworthy empirical evidence. You'll learn a proven APT Hacker Methodology for systematically targeting and infiltrating an organization ...

Security Smarts for the Self-Guided IT ProfessionalProtect wireless networks against all real-world hacks by learning how hackers operate. Wireless Network Security: A Beginner's Guide discusses the many attack vectors that target wireless networks and clients--and explains how to identify and prevent them. Actual cases of attacks against WEP, WPA, and wireless clients and their defenses are included.This practical resource reveals how intruders exploit vulnerabi...

Just as a professional athlete doesn’t show up without a solid game plan, ethical hackers, IT professionals, and security researchers should not be unprepared, either. The Hacker Playbook provides them their own game plans. Written by a longtime security professional and CEO of Secure Planet, LLC, this step-by-step guide to the “game” of penetration hacking features hands-on examples and helpful advice from the top of the field.Through a series of football-style “plays,” this strai...

The latest tactics for thwarting digital attacks“Our new reality is zero-day, APT, and state-sponsored attacks. Today, more than ever, security professionals need to get into the hacker’s mind, methods, and toolbox to successfully deter such relentless assaults. This edition brings readers abreast with the latest attack vectors and arms them for these continually evolving threats.” --Brett Wahlin, CSO, Sony Network Entertainment“Stop taking punches--let’s c...

The subject of security never strays far from the minds of IT workers, for good reason. If there is a network with even just one connection to another network, it needs to be secured. RADIUS, or Remote Authentication Dial-In User Service, is a widely deployed protocol that enables companies to authenticate, authorize and account for remote users who want access to a system or service from a central network server. Originally developed for dial-up remote access, RADIUS is now used ...

This fully updated bestseller covers the latest web application exploitation techniques and their proven countermeasures Hacking Exposed: Web Applications, Third Edition shows you how to meet the challenges of online security with the two-pronged "attack-countermeasure" approach. The Third Edition provides leading-edge updates to exploitation techniques, as well as new chapters covering industry-wide threats and countermeasures, such as web application hacking, phishing, and preventative w...

Implement an Effective Security Metrics Project or Program IT Security Metrics provides a comprehensive approach to measuring risks, threats, operational activities, and the effectiveness of data protection in your organization. The book explains how to choose and design effective measurement strategies and addresses the data requirements of those strategies. The Security Process Management Framework is introduced and analytical strategies for security metrics data are discussed. You'll le...

Author Michal Zalewski has long been known and respected in the hacking and security communities for his intelligence, curiosity and creativity, and this book is truly unlike anything else out there. In Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks, Zalewski shares his expertise and experience to explain how computers and networks work, how information is processed and delivered, and what security threats lurk in the shadows. No humdrum technica...

If you are a network administrator, you're under a lot of pressure to ensure that mission-critical systems are completely safe from malicious code, buffer overflows, stealth port scans, SMB probes, OS fingerprinting attempts, CGI attacks, and other network intruders. Designing a reliable way to detect intruders before they get in is an essential--but often overwhelming--challenge. Snort, the defacto open source standard of intrusion detection tools, is capable of performing real-time traff...

This book is a marvellous thing: an important intervention in the policy debate about information security and a practical text for people trying to improve the situation.— Cory Doctorowauthor, co-editor of Boing BoingA future with billions of connected "things" includes monumental security concerns. This practical book explores how malicious attackers can abuse popular IoT-based devices, including wireless LED lightbulbs, electronic door locks, baby monito...

Security Smarts for the Self-Guided IT ProfessionalFind out how to excel in the field of computer forensics investigations. Learn what it takes to transition from an IT professional to a computer forensic examiner in the private sector. Written by a Certified Information Systems Security Professional, Computer Forensics: InfoSec Pro Guide is filled with real-world case studies that demonstrate the concepts covered in the book.You’ll learn how to set up a forensic...

Explains how to implement secure Web services and includes coverage of trust, confidentiality, cryptography, authentication, authorization, and Kerberos. You’ll also find details on Security Assertion Markup Language (SAML), XML Key Management Specification (XKMS), XML Encryption, Hypertext Transfer Protocol-Reliability (HTTP-R) and more.