Privileged Attack Vectors: Building Effective Cyber-Defense Strategies to Protect Organizations
Morey J. Haber, Brad Hibbert
Product Description
See how privileges, passwords, vulnerabilities, and exploits can be combined as an attack vector and breach any organization. Cyber attacks continue to increase in volume and sophistication. It is not a matter of if, but when, your organization will be breached. Attackers target the perimeter network, but, in recent years, have refocused their efforts on the path of least resistance: users and their privileges.
In decades past, an entire enterprise might be sufficiently managed through just a handful of credentials. Today’s environmental complexity means privileged credentials are needed for a multitude of different account types (from domain admin and sysadmin to workstations with admin rights), operating systems (Windows, Unix, Linux, etc.), directory services, databases, applications, cloud instances, networking hardware, Internet of Things (IoT), social media, and more. When unmanaged, these privileged credentials pose a significant threat from external hackers and insider threats.
There is no one silver bullet to provide the protection you need against all vectors and stages of an attack. And while some new and innovative solutions will help protect against or detect the initial infection, they are not guaranteed to stop 100% of malicious activity. The volume and frequency of privilege-based attacks continue to increase and test the limits of existing security controls and solution implementations.
Privileged Attack Vectors details the risks associated with poor privilege management, the techniques that hackers and insiders leverage, and the defensive measures that organizations must adopt to protect against a breach, protect against lateral movement, and improve the ability to detect hacker activity or insider threats in order to mitigate the impact.
What You’ll Learn
- Know how identities, credentials, passwords, and exploits can be leveraged to escalate privileges during an attack
- Implement defensive and auditing strategies to mitigate the threats and risk
- Understand a 12-step privileged access management implementation plan
- Consider deployment and scope, including risk, auditing, regulations, and oversight solutions
This book is for security management professionals, new security professionals, and auditors looking to understand and solve privilege escalation threats.