Holistic Information Security
Provisional Chinese title: 整體資訊安全
Kim Carter
- Publisher: Packt Publishing
- Publication date: 2018-05-09
- Price: $1,690
- VIP price: 5% off, $1,606
- Language: English
- Pages: 288
- Binding: Paperback
- ISBN: 1788292162
- ISBN-13: 9781788292160
- Related category: Information Security
Product description
Key Features
- Learn to improve your website security
- Teaches methods for maximizing security at minimal cost, by introducing effective measures at key stages
- Practical advice that can be immediately applied to websites and team processes to strengthen against attack
- How to think for yourself when you're under attack
Book Description
This book begins a new Holistic Infosec series that will give you a broad and in-depth coverage of what web developers and architects need to know today to create robust, reliable, maintainable and secure software, and networks - that are delivered continuously, on time, with no nasty surprises.
Holistic Information Security begins by taking the reader to the 30,000' view, so you can start to see the entire security landscape. It then explains a very simple threat modelling approach created by Bruce Schneier, called the Sensible Security Model (SSM).
Kim Carter then takes Schneier's approach and applies it to increasingly fine details of the Information Security picture. Kim details how to set up a security-focussed distribution with all the tools and configuration options required for working through the book. You'll then walk through the Process and Practices that attackers often execute, and Kim provides key techniques from that experience to show you how to train website defenders. You'll also learn how website defenders can find defects from the most expensive places through to the cheapest places within your Sprint cycles.
This book will ultimately help you answer your own questions, and you'll learn how to create systems, and arm people, to withstand the types of attacks commonly encountered today. You'll see that by simply lifting the lower hanging fruit for an attacker, they will frequently move on to an easier target. Unless they are specifically targeting you... so Kim Carter then goes into depth about how you can find many of the risks and countermeasures to increase the difficulty for your attacker, and dramatically increase your chances of defense and counter-attack in the modern security world.
What you will learn
- How to use the Schneier threat modelling approach
- Setting up your tool-belt
- The process of penetration testing
- A collection of processes and practices formulated from penetration testing
- How to augment your Scrum Sprints to increase security
- How to survive if you are being directly targeted and attacked
- How to think for yourself when you're under pressure in the modern security world