Advanced persistent threat: understanding the danger and how to protect your organization
The newest threat to security has been categorized as the Advanced Persistent Threat or APT. The APT bypasses most of an organization's current security devices, and is typically carried out by an organized group, such as a foreign nation state or rogue group with both the capability and the i...
Main author: | |
---|---|
Format: | E-book |
Language: | English |
Published: | Boston : Syngress c2013. |
Edition: | 1st edition |
Subjects: | |
View at Universitat Ramon Llull Library: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009628590506719 |
Table of Contents:
- Half Title; Advanced Persistent Threat; Copyright; Dedication; Contents; Author Biography; Preface; Understanding the Problem; 1 The Changing Threat; Introduction; The Current Landscape; Organizations View on Security; You will be Compromised; The Cyber ShopLifter; The New Defense in Depth; Proactive vs Reactive; Loss of Common Sense; It is All About Risk; What Was In Place?; Pain Killer Security; Reducing the Surface Space; HTML Embedded Email; Buffer Overflows; Macros in Office Documents; The Traditional Threat; Common Cold; Reactive Security; Automation; The Emerging Threat
- APT-Cyber Cancer; Advanced Persistent Threat (APT); APT-Stealthy, Targeted, and Data Focused; Characteristics of the APT; Defending Against the APT; APT vs Traditional Threat; Sample APT Attacks; APT Multi-Phased Approach; Summary; 2 Why are Organizations Being Compromised?; Introduction; Doing Good Things and Doing the Right Things; Security is Not Helpless; Beyond Good or Bad; Attackers are in Your Network; Proactive, Predictive, and Adaptive; Example of How to Win; Data Centric Security; Money Does Not Equal Security; The New Approach to APT; Selling Security to Your Executives
- Top Security Trends; Summary; 3 How are Organizations Being Compromised?; Introduction; What are Attackers After?; Attacker Process; Reconnaissance; Scanning; Exploitation; Create Backdoors; Cover Their Tracks; Compromising a Server; Compromising a Client; Insider Threat; Traditional Security; Firewalls; Dropped Packets; InBound Prevention and OutBound Detection; Intrusion Detection; Summary; 4 Risk-Based Approach to Security; Introduction; Products vs. Solutions; Learning from the Past; What is Risk?; Focused Security; Formal Risk Model; Threat; External vs. Internal Threat; Vulnerability
- Known and Unknown Vulnerabilities; Putting the Pieces Back Together; Insurance Model; Calculating Risk; Summary; Emerging Trends; 5 Protecting Your Data; Introduction; Data Discovery; Protected Enclaves; Everything Starts with Your Data; CIA; Data Classification; Data Classification Mistake 1; Data Classification Rule 1; Data Classification Mistake 2; Data Classification Rule 2; Data Classification Mistake 3; Data Classification Rule 3; Encryption; Types of Encryption; Goals of Encryption; Data at Rest; Data at Motion; Encryption-More Than You Bargained For; Network Segmentation and De-Scoping
- Encryption Free Zone; Summary; 6 Prevention is Ideal but Detection is a Must; Introduction; Inbound Prevention; Outbound Detection; Network vs. Host; Making Hard Decisions; Is AV/Host Protection Dead?; Summary; 7 Incident Response: Respond and Recover; Introduction; The New Rule; Suicidal Mindset; Incident Response; Events/Audit Trails; Sample Incidents; 6-Step Process; Preparation; Identification; Containment; Eradication; Recovery; Lesson Learned; Forensic Overview; Summary; 8 Technologies for Success; Introduction; Integrated Approach to APT; How Bad is the Problem?
- Trying to Hit a Moving Target