Blackhatonomics: An Inside Look at the Economics of Cybercrime

eBook Details:

  • Paperback: 216 pages
  • Publisher: Syngress; 1st edition (December 19, 2012)
  • Language: English
  • ISBN-10: 1597497401
  • ISBN-13: 978-1597497404

eBook Description:

Blackhatonomics: An Inside Look at the Economics of Cybercrime

  • Historical perspectives of the development of malware as it evolved into a viable economic endeavour
  • Country specific cyber-crime analysis of the United States, China, and Russia, as well as an analysis of the impact of Globalization on cyber-crime.
  • Presents the behind the scenes methods used to successfully execute financially motivated attacks in a globalized cybercrime economy.
  • Provides unique insights, analysis, and useful tools for justifying corporate information security budgets.
  • Provides multiple points of view, from pure research, to corporate, to academic, to law enforcement.
  • Includes real world cybercrime case studies and profiles of high-profile cybercriminals.

Blackhatonomics: An Inside Look at the Economics of Cybercrime explains the basic economic truths of the underworld of hacking, and why people devote hours to develop malware around the world. The root cause analysis of the monetization of cybersecurity in the inner circle of cybercrime is analyzed from the impact of multiple. Written by an exceptional author team, they take practical academic principles back them up with use cases and extensive interviews, placing you right into the mindset of the cyber criminal. FREE DOWNLOAD »

Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management

eBook Details:

  • Paperback: 460 pages
  • Publisher: Syngress; 1st edition (December 13, 2012)
  • Language: English
  • ISBN-10: 1597496359
  • ISBN-13: 978-1597496353

eBook Description:

Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management

  • Comprehensive coverage of log management including analysis, visualization, reporting and more
  • Includes information on different uses for logs – from system operations to regulatory compliance
  • Features case Studies on syslog-ng and actual real-world situations where logs came in handy in incident response
  • Provides practical guidance in the areas of report, log analysis system selection, planning a log analysis system and log data normalization and correlation

Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management

Effectively analyzing large volumes of diverse logs can pose many different challenges. Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management helps to simplify this complex process using practical guidance and real-world examples. Packed with information you need to know for system, network and security logging. Log management and log analysis methods are covered in detail, including approaches to creating useful logs on systems and applications, log searching and log review. FREE DOWNLOAD »

FISMA and the Risk Management Framework: The New Practice of Federal Cyber Security

eBook Details:

  • Paperback: 584 pages
  • Publisher: Syngress; 1st edition (December 11, 2012)
  • Language: English
  • ISBN-10: 1597496413
  • ISBN-13: 978-1597496414

eBook Description:

FISMA and the Risk Management Framework: The New Practice of Federal Cyber Security

  • Learn how to build a robust, near real-time risk management system and comply with FISMA
  • Discover the changes to FISMA compliance and beyond
  • Gain your systems the authorization they need

If you are responsible for meeting federal information security requirements such as FISMA, this book is all you need to know to get a system authorized. Now in the first full revision of FISMA since its inception in 2002, a new wave of stronger security measures are now available through the efforts of the Department of Defense, Office of the Directory of National Intelligence, Committee for National Security Systems and the National Institute of Standards and Technology.

Based on the new FISMA requirements for 2011 and beyond, this book catalogs the processes, procedures and specific security recommendations underlying the new Risk Management Framework. Written by an experienced FISMA practitioner, this book presents an effective system of information assurance, real-time risk monitoring and secure configurations for common operating systems. FREE DOWNLOAD »

Federal Cloud Computing: The Definitive Guide for Cloud Service Providers

eBook Details:

  • Paperback: 448 pages
  • Publisher: Syngress; 1st edition (December 11, 2012)
  • Language: English
  • ISBN-10: 1597497371
  • ISBN-13: 978-1597497374

eBook Description:

Federal Cloud Computing: The Definitive Guide for Cloud Service Providers

  • Provides a common understanding of the federal requirements as they apply to cloud computing
  • Provides a targeted and cost-effective approach for applying the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF)
  • Provides both technical and non-technical perspectives of the Federal Assessment and Authorization (A&A) process that speaks across the organization

Federal Cloud Computing: The Definitive Guide for Cloud Service Providers offers an in-depth look at topics surrounding federal cloud computing within the federal government, including the Federal Cloud Computing Strategy, Cloud Computing Standards, Security and Privacy, and Security Automation.

You will learn the basics of the NIST risk management framework (RMF) with a specific focus on cloud computing environments, all aspects of the Federal Risk and Authorization Management Program (FedRAMP) process, and steps for cost-effectively implementing the Assessment and Authorization (A&A) process, as well as strategies for implementing Continuous Monitoring, enabling the Cloud Service Provider to address the FedRAMP requirement on an ongoing basis. FREE DOWNLOAD »

Data Hiding: Exposing Concealed Data in Multimedia, Operating Systems, Mobile Devices and Network Protocols

eBook Details:

  • Paperback: 350 pages
  • Publisher: Syngress; 1st edition (November 23, 2012)
  • Language: English
  • ISBN-10: 1597497436
  • ISBN-13: 978-1597497435

eBook Description:

Data Hiding: Exposing Concealed Data in Multimedia, Operating Systems, Mobile Devices and Network Protocols

  • Review of the latest data hiding techniques presented at world-renownded conferences
  • Provides many real-world examples of data concealment on the latest technologies including iOS, Android, VMware, MacOS X, Linux and Windows 7
  • Dives deep into the less known approaches to data hiding, covert communications, and advanced malware
  • Includes never before published information about next generation methods of data hiding
  • Outlines a well-defined methodology for countering threats
  • Looks ahead at future predictions for data hiding

Data Hiding: Exposing Concealed Data in Multimedia, Operating Systems, Mobile Devices and Network Protocols provides an exploration into the present day and next generation of tools and techniques used in covert communications, advanced malware methods and data concealment tactics. The hiding techniques outlined include the latest technologies including mobile devices, multimedia, virtualization and others. These concepts provide corporate, goverment and military personnel with the knowledge to investigate and defend against insider threats, spy techniques, espionage, advanced malware and secret communications. By understanding the plethora of threats, you will gain an understanding of the methods to defend oneself from these threats through detection, investigation, mitigation and prevention. FREE DOWNLOAD »

Windows Forensic Analysis Toolkit, Third Edition: Advanced Analysis Techniques for Windows 7

eBook Details:

  • Paperback: 296 pages
  • Publisher: Syngress; 3rd edition (February 10, 2012)
  • Language: English
  • ISBN-10: 1597497274
  • ISBN-13: 978-1597497275

eBook Description:

Windows Forensic Analysis Toolkit, Third Edition: Advanced Analysis Techniques for Windows 7

  • Complete coverage and examples on Windows 7 systems
  • Contains Lessons from the Field, Case Studies, and War Stories
  • Companion online material, including electronic printable checklists, cheat sheets, free custom tools, and walk-through demos

Windows Forensic Analysis Toolkit, Third Edition: Advanced Analysis Techniques for Windows 7

Now in its third edition, Harlan Carvey has updated Windows Forensic Analysis Toolkit, Third Edition: Advanced Analysis Techniques for Windows 7 to cover Windows 7 systems. The primary focus of this edition is on analyzing Windows 7 systems and on processes using free and open-source tools. The book covers live response, file analysis, malware detection, timeline, and much more. The author presents real-life experiences from the trenches, making the material realistic and showing the why behind the how. New to this edition, the companion and toolkit materials are now hosted online. This material consists of electronic printable checklists, free cheat sheets, free custom tools, and walk-through demos. This third edition complements Windows Forensic Analysis Toolkit, Third Edition: Advanced Analysis Techniques for Windows 7, which focuses primarily on XP. FREE DOWNLOAD »

Information Security Risk Assessment Toolkit: Practical Assessments through Data Collection and Data Analysis

eBook Details:

  • Paperback: 278 pages
  • Publisher: Syngress; 1st edition (November 9, 2012)
  • Language: English
  • ISBN-10: 1597497355
  • ISBN-13: 978-1597497350

eBook Description:

Information Security Risk Assessment Toolkit: Practical Assessments through Data Collection and Data Analysis

  • Based on authors’ experiences of real-world assessments, reports, and presentations
  • Focuses on implementing a process, rather than theory, that allows you to derive a quick and valuable assessment
  • Includes a companion web site with spreadsheets you can utilize to create and maintain the risk assessment

Information Security Risk Assessment Toolkit: Practical Assessments through Data Collection and Data Analysis

In order to protect company’s information assets such as sensitive customer records, health care records, etc., the security practitioner first needs to find out: what needs protected, what risks those assets are exposed to, what controls are in place to offset those risks, and where to focus attention for risk treatment. This is the true value and purpose of information security risk assessments. Effective risk assessments are meant to provide a defendable analysis of residual risk associated with your key assets so that risk treatment options can be explored. Information Security Risk Assessment Toolkit: Practical Assessments through Data Collection and Data Analysis gives you the tools and skills to get a quick, reliable, and thorough risk assessment for key stakeholders. FREE DOWNLOAD »

UTM Security with Fortinet: Mastering FortiOS

eBook Details:

  • Paperback: 452 pages
  • Publisher: Syngress; 1st edition (December 11, 2012)
  • Language: English
  • ISBN-10: 1597497479
  • ISBN-13: 978-1597497473

eBook Description:

UTM Security with Fortinet: Mastering FortiOS

  • Provides tips, tricks, and proven suggestions and guidelines to set up FortiGate implementations
  • Presents topics that are not covered (or are not covered in detail) by Fortinet’s documentation
  • Discusses hands-on troubleshooting techniques at both the project deployment level and technical implementation area

Traditionally, network security (firewalls to block unauthorized users, Intrusion Prevention Systems (IPS) to keep attackers out, Web filters to avoid misuse of Internet browsing, and antivirus software to block malicious programs) required separate boxes with increased cost and complexity. UTM makes network security less complex, cheaper, besides more effective by consolidating all these components. This book explains the advantages of using UTM and how it works, presents best practices on deployment, and is a hands-on, step-by-step guide to deploying Fortinet’s FortiGate in the enterprise.

Traditionally, network security (firewalls to block unauthorized users, Intrusion Prevention Systems (IPS) to keep attackers out, Web filters to avoid misuse of Internet browsing, and antivirus software to block malicious programs) required separate boxes with increased cost and complexity. UTM makes network security less complex, cheaper, besides more effective by consolidating all these components. This book explains the advantages of using UTM and how it works, presents best practices on deployment, and is a hands-on, step-by-step guide to deploying Fortinet’s FortiGate in the enterprise. FREE DOWNLOAD »

SQL Injection Attacks and Defense, Second Edition

eBook Details:

  • Paperback: 576 pages
  • Publisher: Syngress; 2nd edition (July 2, 2012)
  • Language: English
  • ISBN-10: 1597499633
  • ISBN-13: 978-1597499637

eBook Description:

SQL Injection Attacks and Defense, 2nd Edition

  • SQL Injection Attacks and Defense, Second Edition is the only book to provide a complete understanding of SQL injection, from the basics of vulnerability to discovery, exploitation, prevention, and mitigation measures.
  • Covers unique, publicly unavailable information, by technical experts in such areas as Oracle, Microsoft SQL Server, and MySQL including new developments for Microsoft SQL Server 2012 (Denali).
  • Written by an established expert, author, and speaker in the field, with contributions from a team of equally renowned creators of SQL injection tools, applications, and educational materials.

SQL Injection Attacks and Defense, Second Edition is the only book devoted exclusively to this long-established but recently growing threat. This is the definitive resource for understanding, finding, exploiting, and defending against this increasingly popular and particularly destructive type of Internet-based attack.

SQL Injection Attacks and Defense, Second Edition includes all the currently known information about these attacks and significant insight from its team of SQL injection experts. FREE DOWNLOAD »

Client-Side Attacks and Defense

eBook Details:

  • Paperback: 296 pages
  • Publisher: Syngress; 1st edition (October 24, 2012)
  • Language: English
  • ISBN-10: 1597495905
  • ISBN-13: 978-1597495905

eBook Description:

Client-Side Attacks and Defense

  • Design and implement your own attack, and test methodologies derived from the approach and framework presented by the authors
  • Learn how to strengthen your network’s host- and network-based defense against attackers’ number one remote exploit-the client-side attack
  • Defend your network against attacks that target your company’s most vulnerable asset-the end user

Individuals wishing to attack a company’s network have found a new path of least resistance-the end user. A client- side attack is one that uses the inexperience of the end user to create a foothold in the user’s machine and therefore the network. Client-side attacks are everywhere and hidden in plain sight. Common hiding places are malicious Web sites and spam. A simple click of a link will allow the attacker to enter. This book presents a framework for defending your network against these attacks in an environment where it might seem impossible.

The most current attacks are discussed along with their delivery methods, such as browser exploitation, use of rich Internet applications, and file format vulnerabilities. The severity of these attacks is examined along with defences against them, including antivirus and anti-spyware, intrusion detection systems, and end-user education. FREE DOWNLOAD »