Cloud Attack Vectors: Building Effective Cyber-Defense Strategies to Protect Cloud Resources
暫譯: 雲端攻擊向量:建立有效的網路防禦策略以保護雲端資源

Haber, Morey J., Chappell, Brian, Hills, Christopher

  • 出版商: Apress
  • 出版日期: 2022-07-22
  • 售價: $2,370
  • 貴賓價: 9.5$2,252
  • 語言: 英文
  • 頁數: 280
  • 裝訂: Quality Paper - also called trade paper
  • ISBN: 1484282353
  • ISBN-13: 9781484282359
  • 海外代購書籍(需單獨結帳)

商品描述

Cyberattacks continue to increase in volume and sophistication, targeting everything owned, managed, and serviced from the cloud. Today, there is widespread consensus--it is not a matter of if, but rather when an organization will be breached. Threat actors typically target the path of least resistance. With the accelerating adoption of cloud technologies and remote work, the path of least resistance is shifting in substantive ways. In recent years, attackers have realigned their efforts, focusing on remaining undetected, monetization after exploitation, and publicly shaming organizations after a breach.

New, innovative, and useful products continue to emerge and offer some cloud protection, but they also have distinct limitations. No single, standalone solution or strategy can effectively protect against all cloud attack vectors or identify all malicious activity. The simple fact is that the cloud is based on a company's assets being offered as services. As a result, the best security any organization can achieve is to establish controls and procedures in conjunction with services that are licensed in the cloud.

Cloud Attack Vectors details the risks associated with cloud deployments, the techniques threat actors leverage, the empirically-tested defensive measures organizations should adopt, and shows how to improve detection of malicious activity.

What You'll Learn

  • Know the key definitions pertaining to cloud technologies, threats, and cybersecurity solutions
  • Understand how entitlements, permissions, rights, identities, accounts, credentials, and exploits can be leveraged to breach a cloud environment
  • Implement defensive and monitoring strategies to mitigate cloud threats, including those unique to cloud and hybrid cloud environments
  • Develop a comprehensive model for documenting risk, compliance, and reporting based on your cloud implementation

Who This Book Is For

New security professionals, entry-level cloud security engineers, managers embarking on digital transformation, and auditors looking to understand security and compliance risks associated with the cloud

商品描述(中文翻譯)

網路攻擊的數量和複雜性持續增加,目標是所有從雲端擁有、管理和服務的資產。如今,業界普遍認同——這不是「是否」會遭到攻擊的問題,而是「何時」會遭到攻擊的問題。威脅行為者通常會選擇阻力最小的路徑。隨著雲端技術和遠端工作的加速採用,阻力最小的路徑正在以實質的方式發生變化。近年來,攻擊者重新調整了他們的努力,專注於保持隱蔽性、在利用後獲利,以及在遭到攻擊後公開羞辱組織。

新的、創新的和有用的產品不斷出現,提供某種雲端保護,但它們也有明顯的限制。沒有任何單一的獨立解決方案或策略能有效地防護所有雲端攻擊向量或識別所有惡意活動。事實上,雲端是基於公司的資產作為服務提供的。因此,任何組織能夠達成的最佳安全性是建立控制措施和程序,並與雲端授權的服務相結合。

雲端攻擊向量詳細說明了與雲端部署相關的風險、威脅行為者所利用的技術、組織應採用的經驗證的防禦措施,並展示如何改善對惡意活動的檢測。

您將學到什麼


  • 了解與雲端技術、威脅和網路安全解決方案相關的關鍵定義

  • 理解如何利用權限、許可、權利、身份、帳戶、憑證和漏洞來攻破雲端環境

  • 實施防禦和監控策略以減輕雲端威脅,包括那些特有於雲端和混合雲環境的威脅

  • 根據您的雲端實施,開發一個全面的風險、合規性和報告文檔模型

本書適合誰閱讀

新進安全專業人員、初級雲端安全工程師、正在進行數位轉型的經理,以及希望了解與雲端相關的安全和合規風險的審計人員。

作者簡介

Morey J. Haber is Chief Technology Officer at BeyondTrust. He has more than 20 years of IT industry experience and is author of the book Privileged Attack Vectors and Asset Attack Vectors. Morey joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. He currently oversees BeyondTrust technology for vulnerability, privileged, and remote access management solutions. In 2004, Morey joined eEye as the Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was a Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. Morey began his career as a Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelors of Science in Electrical Engineering from the State University of New York at Stony Brook.

Brian Chappell is Chief Security Strategist for Beyond Trust, EMEA & APAC, and is a multi-skilled individual with a passion for delivering best practice solutions that help customers run their businesses more effectively and securely. His specialties include: cybersecurity solutions, IT strategy and implementation, project management, global IT operations management, sales engineering, software development, and enterprise and solutions architecture.

Christopher Hills is a Security Strategist focused on Privileged Access Management (PAM) and Identity and Access Management (IAM). He is Security Strategist for BeyondTrust's Privileged Access Management Solutions, enforcing Privileged Password Management and Privileged Session Management, Privileged Endpoint Management, and Secure Remote Access which utilizes a single pane of glass for all management aspects, including Automated Account Discovery, Privileged Management and Elevation, Audit and Compliance, and Behavior & Reporting. His responsibilities include: IAM/PAM focus, strategy, mentoring, leadership, customer and prospect liaison, thought leadership, background reference, business development, customer-facing GRC, and working closely with global sales and marketing organizations to help support GTM efforts while assisting with critical sales opportunities and key marketing events.

作者簡介(中文翻譯)

**Morey J. Haber** 是 BeyondTrust 的首席技術官。他在 IT 行業擁有超過 20 年的經驗,並且是書籍 *Privileged Attack Vectors and Asset Attack Vectors* 的作者。Morey 於 2012 年加入 BeyondTrust,成為 eEye Digital Security 收購的一部分。他目前負責 BeyondTrust 在漏洞、特權和遠端存取管理解決方案方面的技術。2004 年,Morey 加入 eEye 擔任安全工程總監,負責與《財富》500 強客戶的戰略業務討論和漏洞管理架構。在加入 eEye 之前,他是 Computer Associates, Inc. (CA) 的開發經理,負責新產品的測試周期和指定客戶帳戶。Morey 的職業生涯始於政府承包商,擔任可靠性和可維護性工程師,負責建造飛行和訓練模擬器。他在紐約州立大學石溪分校獲得電機工程學士學位。

**Brian Chappell** 是 BeyondTrust 在 EMEA 和 APAC 的首席安全策略師,他是一位多才多藝的人,熱衷於提供最佳實踐解決方案,幫助客戶更有效和安全地運營業務。他的專長包括:網絡安全解決方案、IT 策略與實施、項目管理、全球 IT 營運管理、銷售工程、軟體開發以及企業和解決方案架構。

**Christopher Hills** 是一位專注於特權存取管理 (PAM) 和身份與存取管理 (IAM) 的安全策略師。他是 BeyondTrust 特權存取管理解決方案的安全策略師,負責執行特權密碼管理、特權會話管理、特權端點管理和安全遠端存取,這些解決方案利用單一管理介面來處理所有管理方面,包括自動帳戶發現、特權管理與提升、審計與合規性,以及行為與報告。他的職責包括:IAM/PAM 專注、策略、指導、領導、客戶與潛在客戶聯絡、思想領導、背景參考、業務發展、面向客戶的 GRC,以及與全球銷售和市場組織密切合作,以支持 GTM 工作,同時協助關鍵銷售機會和重要市場活動。