Skip to main content

Syngress

Smart Grid Security
Innovative Solutions for a Modernized Grid
1st Edition
Florian Skopik + 1 more
English
The Smart Grid security ecosystem is complex and multi-disciplinary, and relatively under-researched compared to the traditional information and network security disciplines. While the Smart Grid has provided increased efficiencies in monitoring power usage, directing power supplies to serve peak power needs and improving efficiency of power delivery, the Smart Grid has also opened the way for information security breaches and other types of security breaches. Potential threats range from meter manipulation to directed, high-impact attacks on critical infrastructure that could bring down regional or national power grids. It is essential that security measures are put in place to ensure that the Smart Grid does not succumb to these threats and to safeguard this critical infrastructure at all times. Dr. Florian Skopik is one of the leading researchers in Smart Grid security, having organized and led research consortia and panel discussions in this field. Smart Grid Security will provide the first truly holistic view of leading edge Smart Grid security research. This book does not focus on vendor-specific solutions, instead providing a complete presentation of forward-looking research in all areas of Smart Grid security. The book will enable practitioners to learn about upcoming trends, scientists to share new directions in research, and government and industry decision-makers to prepare for major strategic decisions regarding implementation of Smart Grid technology.
Infosec Management Fundamentals
1st Edition
Henry Dalziel
English
Infosec Management Fundamentals is a concise overview of the Information Security management concepts and techniques, providing a foundational template for both experienced professionals and those new to the industry. This brief volume will also appeal to business executives and managers outside of infosec who want to understand the fundamental concepts of Information Security and how it impacts their business decisions and daily activities.
Next Generation Red Teaming
1st Edition
Henry Dalziel
English
Red Teaming is can be described as a type of wargaming.In private business, penetration testers audit and test organization security, often in a secretive setting. The entire point of the Red Team is to see how weak or otherwise the organization’s security posture is. This course is particularly suited to CISO’s and CTO’s that need to learn how to build a successful Red Team, as well as budding cyber security professionals who would like to learn more about the world of information security.
Dissecting the Hack
The V3rb0t3n Network
1st Edition
Jayson E Street
English
Dissecting the Hack: The V3rb0t3n Network ventures further into cutting-edge techniques and methods than its predecessor, Dissecting the Hack: The F0rb1dd3n Network. It forgoes the basics and delves straight into the action, as our heroes are chased around the world in a global race against the clock. The danger they face will forever reshape their lives and the price they pay for their actions will not only affect themselves, but could possibly shake the foundations of an entire nation. The book is divided into two parts. The first part, entitled "The V3rb0t3n Network," continues the fictional story of Bob and Leon, two hackers caught up in an adventure in which they learn the deadly consequence of digital actions. The second part, "Security Threats Are Real" (STAR), focuses on these real-world lessons and advanced techniques, as used by characters in the story. This gives the reader not only textbook knowledge, but real-world context around how cyber-attacks may manifest. "The V3rb0t3n Network" can be read as a stand-alone story or as an illustration of the issues described in STAR. Scattered throughout "The V3rb0t3n Network" are "Easter eggs"—references, hints, phrases, and more that will lead readers to insights into hacker culture. Drawing on "The V3rb0t3n Network," STAR explains the various aspects of reconnaissance; the scanning phase of an attack; the attacker’s search for network weaknesses and vulnerabilities to exploit; the various angles of attack used by the characters in the story; basic methods of erasing information and obscuring an attacker’s presence on a computer system; and the underlying hacking culture.
Python Passive Network Mapping
P2NMAP
1st Edition
Chet Hosmer
English
Python Passive Network Mapping: P2NMAP is the first book to reveal a revolutionary and open source method for exposing nefarious network activity. The "Heartbleed" vulnerability has revealed significant weaknesses within enterprise environments related to the lack of a definitive mapping of network assets. In Python Passive Network Mapping, Chet Hosmer shows you how to effectively and definitively passively map networks. Active or probing methods to network mapping have traditionally been used, but they have many drawbacks - they can disrupt operations, crash systems, and - most importantly - miss critical nefarious activity. You require an accurate picture of the environments you protect and operate in order to rapidly investigate, mitigate, and then recover from these new attack vectors. This book gives you a deep understanding of new innovations to passive network mapping, while delivering open source Python-based tools that can be put into practice immediately. Python Passive Network Mapping is for practitioners, forensic investigators, IT teams, and individuals who work together when performing incident response and investigating potential damage, or are examining the impacts of new malware threats. Those defending critical infrastructures will have a special interest in this book, as active or probing methods of network mapping are rarely used within these environments as any resulting impacts can be disastrous. Python Passive Network Mapping is ideally suited for use as a text in a variety of academic programs to expose and engage students in the art of passively mapping enterprise networks, with the added benefit of providing exposure to open source Python solutions.
The Cloud Security Ecosystem
Technical, Legal, Business and Management Issues
1st Edition
Raymond Choo + 1 more
English
Drawing upon the expertise of world-renowned researchers and experts, The Cloud Security Ecosystem comprehensively discusses a range of cloud security topics from multi-disciplinary and international perspectives, aligning technical security implementations with the most recent developments in business, legal, and international environments. The book holistically discusses key research and policy advances in cloud security – putting technical and management issues together with an in-depth treaties on a multi-disciplinary and international subject. The book features contributions from key thought leaders and top researchers in the technical, legal, and business and management aspects of cloud security. The authors present the leading edge of cloud security research, covering the relationships between differing disciplines and discussing implementation and legal challenges in planning, executing, and using cloud security.
Securing SQL Server
Protecting Your Database from Attackers
3rd Edition
Denny Cherry
English
SQL server is the most widely-used database platform in the world, and a large percentage of these databases are not properly secured, exposing sensitive customer and business data to attack. In Securing SQL Server, Third Edition, you will learn about the potential attack vectors that can be used to break into SQL server databases as well as how to protect databases from these attacks. In this book, Denny Cherry - a Microsoft SQL MVP and one of the biggest names in SQL server - will teach you how to properly secure an SQL server database from internal and external threats using best practices as well as specific tricks that the author employs in his role as a consultant for some of the largest SQL server deployments in the world. Fully updated to cover the latest technology in SQL Server 2014, this new edition walks you through how to secure new features of the 2014 release. New topics in the book include vLANs, setting up RRAS, anti-virus installs, key management, moving from plaintext to encrypted values in an existing application, securing Analysis Services Objects, Managed Service Accounts, OS rights needed by the DBA, SQL Agent Security, Table Permissions, Views, Stored Procedures, Functions, Service Broker Objects, and much more.
Hacking Web Intelligence
Open Source Intelligence and Web Reconnaissance Concepts and Techniques
1st Edition
Sudhanshu Chauhan + 1 more
English
Open source intelligence (OSINT) and web reconnaissance are rich topics for infosec professionals looking for the best ways to sift through the abundance of information widely available online. In many cases, the first stage of any security assessment—that is, reconnaissance—is not given enough attention by security professionals, hackers, and penetration testers. Often, the information openly present is as critical as the confidential data. Hacking Web Intelligence shows you how to dig into the Web and uncover the information many don't even know exists. The book takes a holistic approach that is not only about using tools to find information online but also how to link all the information and transform it into presentable and actionable intelligence. You will also learn how to secure your information online to prevent it being discovered by these reconnaissance methods. Hacking Web Intelligence is an in-depth technical reference covering the methods and techniques you need to unearth open source information from the Internet and utilize it for the purpose of targeted attack during a security assessment. This book will introduce you to many new and leading-edge reconnaissance, information gathering, and open source intelligence methods and techniques, including metadata extraction tools, advanced search engines, advanced browsers, power searching methods, online anonymity tools such as TOR and i2p, OSINT tools such as Maltego, Shodan, Creepy, SearchDiggity, Recon-ng, Social Network Analysis (SNA), Darkweb/Deepweb, data visualization, and much more.
Introduction to Social Media Investigation
A Hands-on Approach
1st Edition
Jennifer Golbeck
English
If you’re interested in using social media as an investigative tool, Introduction to Social Media Investigation will show you how! Social networks and social media, like Facebook, Twitter, and Foursquare, are some of the most popular services on the Web, with hundreds of millions of users. The public information that people share on these sites can be valuable for anyone interested in investigating people of interest through open, public sources. Social media as an investigative device is in its infancy and not well understood. This book presents an overview of social media and discusses special skills and techniques to use when conducting investigations. The book features hands-on tutorials and case studies and offers additional data-gathering techniques.
HCISPP Study Guide
1st Edition
Timothy Virtue + 1 more
English
The HCISPP certification is a globally-recognized, vendor-neutral exam for healthcare information security and privacy professionals, created and administered by ISC². The new HCISPP certification, focused on health care information security and privacy, is similar to the CISSP, but has only six domains and is narrowly targeted to the special demands of health care information security. Tim Virtue and Justin Rainey have created the HCISPP Study Guide to walk you through all the material covered in the exam's Common Body of Knowledge. The six domains are covered completely and as concisely as possible with an eye to acing the exam. Each of the six domains has its own chapter that includes material to aid the test-taker in passing the exam, as well as a chapter devoted entirely to test-taking skills, sample exam questions, and everything you need to schedule a test and get certified. Put yourself on the forefront of health care information privacy and security with the HCISPP Study Guide and this valuable certification.

Browse by Publisher