Asset Attack Vectors: Building Effective Vulnerability Management Strategies to Protect Organizations

Morey J. Haber

相關主題

商品描述

 

Build an effective vulnerability management strategy to protect your organization’s assets, applications, and data.

Today’s network environments are dynamic, requiring multiple defenses to mitigate vulnerabilities and stop data breaches. In the modern enterprise, everything connected to the network is a target. Attack surfaces are rapidly expanding to include not only traditional servers and desktops, but also routers, printers, cameras, and other IOT devices. It doesn’t matter whether an organization uses LAN, WAN, wireless, or even a modern PAN―savvy criminals have more potential entry points than ever before. To stay ahead of these threats, IT and security leaders must be aware of exposures and understand their potential impact.

 

Asset Attack Vectors will help you build a vulnerability management program designed to work in the modern threat environment. Drawing on years of combined experience, the authors detail the latest techniques for threat analysis, risk measurement, and regulatory reporting. They also outline practical service level agreements (SLAs) for vulnerability management and patch management.

Vulnerability management needs to be more than a compliance check box; it should be the foundation of your organization’s cybersecurity strategy. Read Asset Attack Vectors to get ahead of threats and protect your organization with an effective asset protection strategy.

What You’ll Learn

  • Create comprehensive assessment and risk identification policies and procedures
  • Implement a complete vulnerability management workflow in nine easy steps
  • Understand the implications of active, dormant, and carrier vulnerability states
  • Develop, deploy, and maintain custom and commercial vulnerability management programs
  • Discover the best strategies for vulnerability remediation, mitigation, and removal
  • Automate credentialed scans that leverage least-privilege access principles
  • Read real-world case studies that share successful strategies and reveal potential pitfalls

 

Who This Book Is For

New and intermediate security management professionals, auditors, and information technology staff looking to build an effective vulnerability management program and defend against asset based cyberattacks

商品描述(中文翻譯)

建立一個有效的漏洞管理策略,以保護您的組織的資產、應用程式和數據。

現今的網絡環境是動態的,需要多重防禦措施來減輕漏洞並阻止數據洩露。在現代企業中,與網絡相連的一切都是目標。攻擊面迅速擴大,不僅包括傳統的伺服器和桌面電腦,還包括路由器、打印機、攝像頭和其他物聯網設備。無論組織使用局域網、廣域網、無線網絡,甚至是現代個人區域網絡(PAN),犯罪分子都比以往更有潛在的入口點。為了應對這些威脅,IT和安全領導者必須意識到風險並了解其潛在影響。

《資產攻擊向量》將幫助您建立一個針對現代威脅環境的漏洞管理計劃。作者們借鑒多年的經驗,詳細介紹了最新的威脅分析、風險評估和法規報告技術。他們還概述了漏洞管理和補丁管理的實用服務水平協議(SLAs)。

漏洞管理應該不僅僅是一個合規性的核對框,它應該是您組織的網絡安全策略的基礎。閱讀《資產攻擊向量》,以提前應對威脅,並通過有效的資產保護策略保護您的組織。

您將學到什麼:

- 建立全面的評估和風險識別政策和程序
- 在九個簡單步驟中實施完整的漏洞管理工作流程
- 了解主動、休眠和載體漏洞狀態的影響
- 開發、部署和維護自定義和商業漏洞管理計劃
- 發現漏洞修復、減輕和刪除的最佳策略
- 自動化憑證掃描,利用最低特權訪問原則
- 閱讀真實案例研究,分享成功策略並揭示潛在陷阱

適合閱讀對象:

新手和中級安全管理專業人員、審計師和資訊技術人員,希望建立一個有效的漏洞管理計劃並防禦基於資產的網絡攻擊。