Identity Attack Vectors: Strategically Designing and Implementing Identity Security, Second Edition
Haber, Morey J., Rolls, Darran
相關主題
商品描述
Today, it's easier for threat actors to simply log in versus hack in. As cyberattacks continue to increase in volume and sophistication, it's not a matter of if, but when, your organization will have an incident. Threat actors target accounts, users, and their associated identities--whether human or machine, to initiate or progress their attack. Detecting and defending against these malicious activities should be the basis of all modern cybersecurity initiatives.
This book details the risks associated with poor identity security hygiene, the techniques that external and internal threat actors leverage, and the operational best practices that organizations should adopt to protect against identity theft, account compromises, and to develop an effective identity and access security strategy. As a solution to these challenges, Identity Security has emerged as a cornerstone of modern Identity and Access Management (IAM) initiatives. Managing accounts, credentials, roles, entitlements, certifications, and attestation reporting for all identities is now a security and regulatory compliance requirement.
In this book, you will discover how inadequate identity and privileged access controls can be exploited to compromise accounts and credentials within an organization. You will understand the modern identity threat landscape and learn how role-based identity assignments, entitlements, and auditing strategies can be used to mitigate the threats across an organization's entire Identity Fabric.
What You Will Learn
- Understand the concepts behind an identity and how its associated credentials and accounts can be leveraged as an attack vector
- Implement an effective identity security strategy to manage identities and accounts based on roles and entitlements, including the most sensitive privileged accounts
- Know the role that identity security controls play in the cyber kill chain and how privileges should be managed as a potential weak link
- Build upon industry standards and strategies such as Zero Trust to integrate key identity security technologies into a corporate ecosystem
- Plan for a successful identity and access security deployment; create an implementation scope and measurable risk reduction; design auditing, discovery, and regulatory reporting; and develop oversight based on real-world strategies to prevent identity attack vectors
Who This Book Is For
Management and implementers in IT operations, security, and auditing looking to understand and implement an Identity and Access Management (IAM) program and manage privileges in these environments
商品描述(中文翻譯)
如今,對於威脅行為者來說,直接登錄比入侵更容易。隨著網絡攻擊在規模和複雜性上不斷增加,你的組織遭遇安全事件只是時間問題,而不是是否問題。威脅行為者會針對帳戶、使用者及其相關身份(無論是人還是機器)來發起或推進攻擊。檢測和防禦這些惡意活動應該成為現代所有網絡安全計劃的基礎。
本書詳細介紹了糟糕的身份安全衛生習慣所帶來的風險,外部和內部威脅行為者所利用的技術,以及組織應該採取的操作最佳實踐,以保護免受身份盗竊、帳戶被入侵的威脅,並制定有效的身份和訪問安全策略。作為應對這些挑戰的解決方案,身份安全已成為現代身份和訪問管理(IAM)計劃的基石。管理所有身份的帳戶、憑證、角色、權限、認證和審計報告現在已成為安全和合規性要求。
在本書中,您將了解不足的身份和特權訪問控制如何被利用來破壞組織內的帳戶和憑證。您將了解現代身份威脅風險,並學習如何使用基於角色的身份分配、權限和審計策略來減輕組織整個身份架構的威脅。
您將學到以下內容:
- 了解身份的概念,以及如何將其相關的憑證和帳戶作為攻擊向量
- 實施有效的身份安全策略,根據角色和權限管理身份和帳戶,包括最敏感的特權帳戶
- 了解身份安全控制在網絡攻擊中的作用,以及如何管理特權作為潛在的弱點
- 基於零信任等行業標準和策略,將關鍵身份安全技術整合到企業生態系統中
- 規劃成功的身份和訪問安全部署;創建實施範圍和可測量的風險減少;設計審計、發現和合規性報告;並基於實際策略開展監督,以防止身份攻擊向量
本書適合IT運營、安全和審計的管理者和實施者,他們希望了解和實施身份和訪問管理(IAM)計劃,並在這些環境中管理特權。
作者簡介
Morey J. Haber is the Chief Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored four books: Privileged Attack Vectors, Asset Attack Vectors, Identity Attack Vectors, and Cloud Attack Vectors. He is a founding member of the industry group Transparency in Cyber, and in 2020 was elected to the Identity Defined Security Alliance (IDSA) Executive Advisory Board. Morey currently oversees BeyondTrust security and governance for corporate and cloud-based solutions and regularly consults for global periodicals and media. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition where he served as a Product Owner and Solutions Engineer since 2004. Prior to eEye, he was Beta Development Manager for Computer Associates, Inc. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.
Darran Rolls is CISO and Chief Technology Officer at SailPoint, where he is responsible for directing the company's technology strategies and security operations, and is co-author of Asset Attack Vectors. He joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. He currently oversees BeyondTrust technology management solutions for vulnerability, and privileged and remote access. In 2004, he joined eEye as Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures for Fortune 500 clients. Prior to eEye, he was Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook. He has a long history in identity management and security at companies such as Tivoli Systems, IBM, Waveset Technologies, and Sun Microsystems. He has helped design, build, and deliver innovative, ground-breaking technology solutions that have defined and shaped the Identity and Access Management (IAM) industry. He frequently speaks at industry events and to customers about IAM and next-generation enterprise security solutions.
作者簡介(中文翻譯)
Morey J. Haber是BeyondTrust的首席安全官。他在IT行業擁有超過25年的經驗,並撰寫了四本書籍: Privileged Attack Vectors、Asset Attack Vectors、Identity Attack Vectors和Cloud Attack Vectors。他是行業組織Transparency in Cyber的創始成員,並於2020年當選為Identity Defined Security Alliance (IDSA)執行顧問委員會的成員。Morey目前負責BeyondTrust的企業和基於雲的解決方案的安全和治理工作,並經常為全球期刊和媒體提供諮詢服務。他最初於2012年加入BeyondTrust,當時是eEye Digital Security收購的一部分,自2004年以來一直擔任產品負責人和解決方案工程師。在加入eEye之前,他曾擔任Computer Associates, Inc.的Beta開發經理。他的職業生涯始於一家政府承包商,負責建造飛行和訓練模擬器的可靠性和可維護性工程師。他在紐約州立大學石溪分校獲得電機工程學士學位。
Darran Rolls是SailPoint的CISO和首席技術官,負責指導公司的技術策略和安全運營,並且是Asset Attack Vectors的合著者。他於2012年加入BeyondTrust,當時是eEye Digital Security收購的一部分。他目前負責BeyondTrust的漏洞、特權和遠程訪問的技術管理解決方案。2004年,他加入eEye擔任安全工程總監,負責與財富500強客戶進行戰略業務討論和漏洞管理架構。在加入eEye之前,他曾擔任Computer Associates, Inc. (CA)的開發經理,負責新產品測試和特定客戶帳戶。他的職業生涯始於一家政府承包商,負責建造飛行和訓練模擬器的可靠性和可維護性工程師。他在紐約州立大學石溪分校獲得電機工程學士學位。他在Tivoli Systems、IBM、Waveset Technologies和Sun Microsystems等公司擁有豐富的身份管理和安全經驗。他幫助設計、構建和交付了具有創新性和開創性的技術解決方案,這些解決方案定義和塑造了身份和訪問管理(IAM)行業。他經常在行業活動和對客戶的演講中討論IAM和下一代企業安全解決方案。
