Skip to main content
View Cart

Syngress

  • Federal Cloud Computing

    The Definitive Guide for Cloud Service Providers
    • 1st Edition
    • November 27, 2012
    • Matthew Metheny
    • English
    Federal Cloud Computing: The Definitive Guide for Cloud Service Providers offers an in-depth look at topics surrounding federal cloud computing within the federal government, including the Federal Cloud Computing Strategy, Cloud Computing Standards, Security and Privacy, and Security Automation. You will learn the basics of the NIST risk management framework (RMF) with a specific focus on cloud computing environments, all aspects of the Federal Risk and Authorization Management Program (FedRAMP) process, and steps for cost-effectively implementing the Assessment and Authorization (A&A) process, as well as strategies for implementing Continuous Monitoring, enabling the Cloud Service Provider to address the FedRAMP requirement on an ongoing basis.

  • FISMA and the Risk Management Framework

    The New Practice of Federal Cyber Security
    • 1st Edition
    • November 27, 2012
    • Daniel R. Philpott + 1 more
    • English
    FISMA and the Risk Management Framework: The New Practice of Federal Cyber Security deals with the Federal Information Security Management Act (FISMA), a law that provides the framework for securing information systems and managing risk associated with information resources in federal government agencies. Comprised of 17 chapters, the book explains the FISMA legislation and its provisions, strengths and limitations, as well as the expectations and obligations of federal agencies subject to FISMA. It also discusses the processes and activities necessary to implement effective information security management following the passage of FISMA, and it describes the National Institute of Standards and Technology's Risk Management Framework. The book looks at how information assurance, risk management, and information systems security is practiced in federal government agencies; the three primary documents that make up the security authorization package: system security plan, security assessment report, and plan of action and milestones; and federal information security-management requirements and initiatives not explicitly covered by FISMA. This book will be helpful to security officers, risk managers, system owners, IT managers, contractors, consultants, service providers, and others involved in securing, managing, or overseeing federal information systems, as well as the mission functions and business processes supported by those systems.

  • Augmented Reality

    An Emerging Technologies Guide to AR
    • 1st Edition
    • November 19, 2012
    • Joseph Rampolla + 1 more
    • English
    With the explosive growth in mobile phone usage and rapid rise in search engine technologies over the last decade, augmented reality (AR) is poised to be one of this decade's most disruptive technologies, as the information that is constantly flowing around us is brought into view, in real-time, through augmented reality. In this cutting-edge book, the authors outline and discuss never-before-publish... information about augmented reality and its capabilities. With coverage of mobile, desktop, developers, security, challenges, and gaming, this book gives you a comprehensive understanding of what augmented reality is, what it can do, what is in store for the future and most importantly: how to benefit from using AR in our lives and careers.

  • The Basics of Cyber Warfare

    Understanding the Fundamentals of Cyber Warfare in Theory and Practice
    • 1st Edition
    • November 16, 2012
    • Jason Andress + 1 more
    • English
    The Basics of Cyber Warfare provides readers with fundamental knowledge of cyber war in both theoretical and practical aspects. This book explores the principles of cyber warfare, including military and cyber doctrine, social engineering, and offensive and defensive tools, tactics and procedures, including computer network exploitation (CNE), attack (CNA) and defense (CND). Readers learn the basics of how to defend against espionage, hacking, insider threats, state-sponsored attacks, and non-state actors (such as organized criminals and terrorists). Finally, the book looks ahead to emerging aspects of cyber security technology and trends, including cloud computing, mobile devices, biometrics and nanotechnology. The Basics of Cyber Warfare gives readers a concise overview of these threats and outlines the ethics, laws and consequences of cyber warfare. It is a valuable resource for policy makers, CEOs and CIOs, penetration testers, security administrators, and students and instructors in information security.

  • Advanced Persistent Threat

    Understanding the Danger and How to Protect Your Organization
    • 1st Edition
    • November 13, 2012
    • Eric Cole
    • English
    The newest threat to security has been categorized as the Advanced Persistent Threat or APT. The APT bypasses most of an organization’s current security devices, and is typically carried out by an organized group, such as a foreign nation state or rogue group with both the capability and the intent to persistently and effectively target a specific entity and wreak havoc. Most organizations do not understand how to deal with it and what is needed to protect their network from compromise. In Advanced Persistent Threat: Understanding the Danger and How to Protect your Organization Eric Cole discusses the critical information that readers need to know about APT and how to avoid being a victim. Advanced Persistent Threat is the first comprehensive manual that discusses how attackers are breaking into systems and what to do to protect and defend against these intrusions.

  • Violent Python

    A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
    • 1st Edition
    • November 8, 2012
    • TJ O'Connor
    • English
    Violent Python shows you how to move from a theoretical understanding of offensive computing concepts to a practical implementation. Instead of relying on another attacker’s tools, this book will teach you to forge your own weapons using the Python programming language. This book demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts. It also shows how to write code to intercept and analyze network traffic using Python, craft and spoof wireless frames to attack wireless and Bluetooth devices, and how to data-mine popular social media websites and evade modern anti-virus.

  • Wireless Reconnaissance in Penetration Testing

    • 1st Edition
    • October 29, 2012
    • Matthew Neely + 2 more
    • English
    In many penetration tests, there is a lot of useful information to be gathered from the radios used by organizations. These radios can include two-way radios used by guards, wireless headsets, cordless phones and wireless cameras. Wireless Reconnaissance in Penetration Testing describes the many ways that a penetration tester can gather and apply the information available from radio traffic. Stopping attacks means thinking like an attacker, and understanding all the ways that attackers gather information, or in industry terms profile, specific targets. With information from what equipment to use and how to find frequency information, to tips for reducing radio information leakage, to actual case studies describing how this information can be used to attack computer systems, this book is the go-to resource for penetration testing and radio profiling.

  • Information Security Risk Assessment Toolkit

    Practical Assessments through Data Collection and Data Analysis
    • 1st Edition
    • October 17, 2012
    • Mark Talabis + 1 more
    • English
    In order to protect company’s information assets such as sensitive customer records, health care records, etc., the security practitioner first needs to find out: what needs protected, what risks those assets are exposed to, what controls are in place to offset those risks, and where to focus attention for risk treatment. This is the true value and purpose of information security risk assessments. Effective risk assessments are meant to provide a defendable analysis of residual risk associated with your key assets so that risk treatment options can be explored. Information Security Risk Assessment Toolkit gives you the tools and skills to get a quick, reliable, and thorough risk assessment for key stakeholders.

  • Client-Side Attacks and Defense

    • 1st Edition
    • September 28, 2012
    • Sean-Philip Oriyano + 1 more
    • English
    Client-Side Attacks and Defense offers background networks against its attackers. The book examines the forms of client-side attacks and discusses different kinds of attacks along with delivery methods including, but not limited to, browser exploitation, use of rich internet applications, and file format vulnerabilities. It also covers defenses, such as antivirus and anti-spyware, intrusion detection systems, and end-user education. The book explains how to secure Web browsers, such as Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Apple Safari, and Opera. It discusses advanced Web attacks and advanced defenses against them. Moreover, it explores attacks on messaging, Web applications, and mobiles. The book concludes with a discussion on security measures against client-side attacks, starting from the planning of security. This book will be of great value to penetration testers, security consultants, system and network administrators, and IT auditors.

  • Keys to the Kingdom

    Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks
    • 1st Edition
    • September 24, 2012
    • Deviant Ollam
    • English
    Lockpicking has become a popular topic with many in the security community. While many have chosen to learn the fine art of opening locks without keys, few people explore the fascinating methods of attack that are possible WITH keys. Keys to the Kingdom addresses the topics of impressioning, master key escalation, skeleton keys, and bumping attacks that go well beyond any treatment of these topics in the author’s previous book, Practical Lock Picking. This material is all new and focuses on locks currently in use as well as ones that have recently emerged on the market. Hackers and pen testers or persons tasked with defending their infrastructure and property from invasion will find these techniques uniquely valuable. As with Deviant Ollam’s previous book, Practical Lock Picking, Keys to the Kingdom includes full-color versions of all diagrams and photographs. Check out the companion website which includes instructional videos that provide readers with a full-on training seminar from the author.

Browse by Publisher