Skip to main content

Syngress

How to Attack and Defend Your Website
1st Edition
Henry Dalziel
Alejandro Caceres
English
How to Attack and Defend Your Website is a concise introduction to web security that includes hands-on web hacking tutorials. The book has three primary objectives: to help readers develop a deep understanding of what is happening behind the scenes in a web application, with a focus on the HTTP protocol and other underlying web technologies; to teach readers how to use the industry standard in free web application vulnerability discovery and exploitation tools – most notably Burp Suite, a fully featured web application testing tool; and finally, to gain knowledge of finding and exploiting the most common web security vulnerabilities. This book is for information security professionals and those looking to learn general penetration testing methodology and how to use the various phases of penetration testing to identify and exploit common web protocols. How to Attack and Defend Your Website is be the first book to combine the methodology behind using penetration testing tools such as Burp Suite and Damn Vulnerable Web Application (DVWA), with practical exercises that show readers how to (and therefore, how to prevent) pwning with SQLMap and using stored XSS to deface web pages.
Information Security Analytics
Finding Security Insights, Patterns, and Anomalies in Big Data
1st Edition
Mark Talabis + 3 more
English
Information Security Analytics gives you insights into the practice of analytics and, more importantly, how you can utilize analytic techniques to identify trends and outliers that may not be possible to identify using traditional security analysis techniques. Information Security Analytics dispels the myth that analytics within the information security domain is limited to just security incident and event management systems and basic network analysis. Analytic techniques can help you mine data and identify patterns and relationships in any form of security data. Using the techniques covered in this book, you will be able to gain security insights into unstructured big data of any type. The authors of Information Security Analytics bring a wealth of analytics experience to demonstrate practical, hands-on techniques through case studies and using freely-available tools that will allow you to find anomalies and outliers by combining disparate data sets. They also teach you everything you need to know about threat simulation techniques and how to use analytics as a powerful decision-making tool to assess security control and process requirements within your organization. Ultimately, you will learn how to use these simulation techniques to help predict and profile potential risks to your organization.
Securing VoIP
Keeping Your VoIP Network Safe
1st Edition
Regis J. Jr (Bud) Bates
English
Securing VoIP: Keeping Your VoIP Network Safe will show you how to take the initiative to prevent hackers from recording and exploiting your company’s secrets. Drawing upon years of practical experience and using numerous examples and case studies, technology guru Bud Bates discusses the business realities that necessitate VoIP system security and the threats to VoIP over both wire and wireless networks. He also provides essential guidance on how to conduct system security audits and how to integrate your existing IT security plan with your VoIP system and security plans, helping you prevent security breaches and eavesdropping.
Designing and Building Security Operations Center
1st Edition
David Nathans
English
Do you know what weapons are used to protect against cyber warfare and what tools to use to minimize their impact? How can you gather intelligence that will allow you to configure your system to ward off attacks? Online security and privacy issues are becoming more and more significant every day, with many instances of companies and governments mishandling (or deliberately misusing) personal and financial data. Organizations need to be committed to defending their own assets and their customers’ information. Designing and Building a Security Operations Center will show you how to develop the organization, infrastructure, and capabilities to protect your company and your customers effectively, efficiently, and discreetly. Written by a subject expert who has consulted on SOC implementation in both the public and private sector, Designing and Building a Security Operations Center is the go-to blueprint for cyber-defense.
Techno Forensics 2008
1st Edition
Syngress
English
* 14 Books Valued at over $800 for less than $300!* Titles you can't get anywhere else!* Search pages on an easy-to-read PDF format!Just released from the Techno Forensics 2008 Show in Maryland, this compilation of books includes some of the hottest titles surrounding the forensics field today. In this easy-to-use CD, you'll be able to search through and use thousands of pages in PDF format. From some of our most recent titles to two first edition titles you can't find anywhere else, this CD has it all! This offer is available for a limited time only, so be sure to order your copy today!Malware Forensics by James Aquilina & Cameron MalinPenetration Tester's Open Source Toolkit, Vol 2 by Aaron BaylesWindows Forensic Analysis DVD Toolkit by Harlan CarveyAlternate Data Storage Forensics by Tyler Cohen & Amber SchroaderGoogle Hacking for Penetration Testers by Johnny Long (only available on this cd)Google Hacking for Penetrations Testers, Vol 2 by Johnny LongNo Tech Hacking by Johnny LongPenetration Tester's Open Source Toolkit, Vol 2 by Chris Hurley Unix and Linux Forensic Analysis DVD Toolkit by Chris PogueCyber Crime Investigations by Anthony ReyesScene of the Cybercrime by Debra Littlejohn Shinder (only available on thiscd)Techno Security's Guide to E-Discovery by Jack WilesTechno Security's Guide to Managing Risks by Jack WilesTechno Security's Guide to Securing SCADA by Jack Wiles
PCI Compliance
Understand and Implement Effective PCI Data Security Standard Compliance
4th Edition
Branden R. Williams + 1 more
English
Identity theft and other confidential information theft have now topped the charts as the leading cybercrime. In particular, credit card data is preferred by cybercriminals. Is your payment processing secure and compliant? The new Fourth Edition of PCI Compliance has been revised to follow the new PCI DSS standard version 3.0, which is the official version beginning in January 2014. Also new to the Fourth Edition: additional case studies and clear guidelines and instructions for maintaining PCI compliance globally, including coverage of technologies such as NFC, P2PE, CNP/Mobile, and EMV. This is the first book to address the recent updates to PCI DSS. The real-world scenarios and hands-on guidance are also new approaches to this topic. All-new case studies and fraud studies have been added to the Fourth Edition. Each chapter has how-to guidance to walk you through implementing concepts, and real-world scenarios to help you relate to the information and better grasp how it impacts your data. This book provides the information that you need in order to understand the current PCI Data Security standards and how to effectively implement security on network infrastructure in order to be compliant with the credit card industry guidelines, and help you protect sensitive and personally-identifia... information.
Cyber Reconnaissance, Surveillance and Defense
1st Edition
Robert Shimonski
English
At a time when online surveillance and cybercrime techniques are widespread, and are being used by governments, corporations, and individuals, Cyber Reconnaissance, Surveillance and Defense gives you a practical resource that explains how these activities are being carried out and shows how to defend against them. Expert author Rob Shimonski shows you how to carry out advanced IT surveillance and reconnaissance, describes when and how these techniques are used, and provides a full legal background for each threat. To help you understand how to defend against these attacks, this book describes many new and leading-edge surveillance, information-gatherin... and personal exploitation threats taking place today, including Web cam breaches, home privacy systems, physical and logical tracking, phone tracking, picture metadata, physical device tracking and geo-location, social media security, identity theft, social engineering, sniffing, and more.
Detecting and Combating Malicious Email
1st Edition
Julie JCH Ryan + 1 more
English
Malicious email is, simply put, email with a malicious purpose. The malicious purpose could be fraud, theft, espionage, or malware injection. The processes by which email execute the malicious activity vary widely, from fully manual (e.g. human-directed) to fully automated. One example of a malicious email is one that contains an attachment which the recipient is directed to open. When the attachment is opened, malicious software is installed on the recipient’s computer. Because malicious email can vary so broadly in form and function, automated detection is only marginally helpful. The education of all users to detect potential malicious email is important to containing the threat and limiting the damage. It is increasingly necessary for all email users to understand how to recognize and combat malicious email. Detecting and Combating Malicious Email describes the different types of malicious email, shows how to differentiate malicious email from benign email, and suggest protective strategies for both personal and enterprise email environments.
CSA Guide to Cloud Computing
Implementing Cloud Privacy and Security
1st Edition
Raj Samani + 2 more
English
CSA Guide to Cloud Computing brings you the most current and comprehensive understanding of cloud security issues and deployment techniques from industry thought leaders at the Cloud Security Alliance (CSA). For many years the CSA has been at the forefront of research and analysis into the most pressing security and privacy related issues associated with cloud computing. CSA Guide to Cloud Computing provides you with a one-stop source for industry-leading content, as well as a roadmap into the future considerations that the cloud presents. The authors of CSA Guide to Cloud Computing provide a wealth of industry expertise you won't find anywhere else. Author Raj Samani is the Chief Technical Officer for McAfee EMEA; author Jim Reavis is the Executive Director of CSA; and author Brian Honan is recognized as an industry leader in the ISO27001 standard. They will walk you through everything you need to understand to implement a secure cloud computing structure for your enterprise or organization.
Hacking and Penetration Testing with Low Power Devices
1st Edition
Philip Polstra
English
Hacking and Penetration Testing with Low Power Devices shows you how to perform penetration tests using small, low-powered devices that are easily hidden and may be battery-powered. It shows how to use an army of devices, costing less than you might spend on a laptop, from distances of a mile or more. Hacking and Penetration Testing with Low Power Devices shows how to use devices running a version of The Deck, a full-featured penetration testing and forensics Linux distribution, and can run for days or weeks on batteries due to their low power consumption. Author Philip Polstra shows how to use various configurations, including a device the size of a deck of cards that can easily be attached to the back of a computer. While each device running The Deck is a full-featured pen-testing platform, connecting systems together via 802.15.3 networking gives you even more power and flexibility. This reference teaches you how to construct and power these devices, install operating systems, and fill out your toolbox of small low-power devices with hundreds of tools and scripts from the book's companion website. Hacking and Pen Testing with Low Power Devices puts all these tools into your hands and will help keep you at the top of your game performing cutting-edge pen tests from anywhere in the world!

Browse by Publisher