IT eBooks

IT eBooks
Download, Read, Use

Security eBooks

Hacking Exposed Industrial Control Systems Hacking Exposed Industrial Control Systems

This hands-on guide exposes the devious methods cyber threat actors use to compromise the hardware and software central to petroleum pipelines, electrical grids, and nuclear refineries. Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets and Solutions shows, step-by-step, how to implement and maintain an ICS-focused risk mitigation framework that is targeted, efficient, and cost-effective. The book arms you with the skills necessary to defend against attacks that are debilitating? and potentially deadly. See how to assess risk, perform ICS-specific threat modeling, carry out penetration tests using "ICS safe" methods, and block malware. Throughout, the authors use case studies of notorious attacks to illustrate vulnerabilities alongside actionable, ready-to-deploy countermeasures. Assess your exposure and develop an effective risk management plan; Adopt the latest ICS-focused threat intelligence techniques; Use threat modeling to create realistic risk s ...
Mastering Kali Linux Wireless Pentesting Mastering Kali Linux Wireless Pentesting

Kali Linux is a Debian-based Linux distribution designed for digital forensics and penetration testing. It gives access to a large collection of security-related tools for professional security testing - some of the major ones being Nmap, Aircrack-ng, Wireshark, and Metasploit. This book will take you on a journey where you will learn to master advanced tools and techniques to conduct wireless penetration testing with Kali Linux. You will begin by gaining an understanding of setting up and optimizing your penetration testing environment for wireless assessments. Then, the book will take you through a typical assessment from reconnaissance, information gathering, and scanning the network through exploitation and data extraction from your target. You will get to know various ways to compromise the wireless network using browser exploits, vulnerabilities in firmware, web-based attacks, client-side exploits, and many other hacking methods. You will also discover how to crack w ...
Identity and Data Security for Web Development Identity and Data Security for Web Development

Balancing usability and security when building a website or app can be incredibly difficult. This practical book teaches you a results-driven approach for accomplishing both without compromising either. Not only will you learn what to be aware of when building your systems, but also how to build a solid identity infrastructure across devices that's both usable and secure. You'll be able to harden your data infrastructure and privileged user information, while using common techniques to prevent data breaches. You'll also take a look at future technology that will impact data and identity security. ...
Dynamic SQL Dynamic SQL

This book is an introduction and deep-dive into the many uses of dynamic SQL in Microsoft SQL Server. Dynamic SQL is key to large-scale searching based upon user-entered criteria. It's also useful in generating value-lists, in dynamic pivoting of data for business intelligence reporting, and for customizing database objects and querying their structure. Executing dynamic SQL is at the heart of applications such as business intelligence dashboards that need to be fluid and respond instantly to changing user needs as those users explore their data and view the results. Yet dynamic SQL is feared by many due to concerns over SQL injection attacks. Reading Dynamic SQL: Applications, Performance, and Security is your opportunity to learn and master an often misunderstood feature, including security and SQL injection. All aspects of security relevant to dynamic SQL are discussed in this book. You will learn many ways to save time and develop code more efficiently, a ...
Building a Comprehensive IT Security Program Building a Comprehensive IT Security Program

This book explains the ongoing war between private business and cyber criminals, state-sponsored attackers, terrorists, and hacktivist groups. Further, it explores the risks posed by trusted employees that put critical information at risk through malice, negligence, or simply making a mistake. It clarifies the historical context of the current situation as it relates to cybersecurity the challenges facing private business, and the fundamental changes organizations can make to better protect themselves. The problems we face are difficult, but they are not hopeless. Cybercrime continues to grow at an astounding rate. With constant coverage of cyber-attacks in the media, there is no shortage of awareness of increasing threats. Budgets have increased and executives are implementing stronger defenses. Nonetheless, breaches continue to increase in frequency and scope. Building a Comprehensive IT Security Program shares why organizations continue to fail to secure their cr ...
Hacking Android Hacking Android

With the mass explosion of Android mobile phones in the world, mobile devices have become an integral part of our everyday lives. Security of Android devices is a broad subject that should be part of our everyday lives to defend against ever-growing smartphone attacks. Everyone, starting with end users all the way up to developers and security professionals should care about android security. Hacking Android is a step-by-step guide that will get you started with Android security. You'll begin your journey at the absolute basics, and then will slowly gear up to the concepts of Android rooting, application security assessments, malware, infecting APK files, and fuzzing. On this journey you'll get to grips with various tools and techniques that can be used in your everyday pentests. You'll gain the skills necessary to perform Android application vulnerability assessment and penetration testing and will create an Android pentesting lab. ...
Identity and Data Security for Web Development Identity and Data Security for Web Development

Developers, designers, engineers, and creators can no longer afford to pass responsibility for identity and data security onto others. Web developers who don't understand how to obscure data in transmission, for instance, can open security flaws on a site without realizing it. With this practical guide, you'll learn how and why everyone working on a system needs to ensure that users and data are protected. Authors Jonathan LeBlanc and Tim Messerschmidt provide a deep dive into the concepts, technology, and programming methodologies necessary to build a secure interface for data and identity - without compromising usability. You'll learn how to plug holes in existing systems, protect against viable attack vectors, and work in environments that sometimes are naturally insecure.Understand the state of web and application security today;Design security password encryption, and combat password attack vectors;Create digital fingerprint ...
Dynamic SQL Dynamic SQL

This book is an introduction and deep-dive into the many uses of dynamic SQL in Microsoft SQL Server. Dynamic SQL is key to large-scale searching based upon user-entered criteria. It's also useful in generating value-lists, in dynamic pivoting of data for business intelligence reporting, and for customizing database objects and querying their structure. Executing dynamic SQL is at the heart of applications such as business intelligence dashboards that need to be fluid and respond instantly to changing user needs as those users explore their data and view the results. Yet dynamic SQL is feared by many due to concerns over SQL injection attacks. Reading Dynamic SQL: Applications, Performance, and Security is your opportunity to learn and master an often misunderstood feature, including security and SQL injection. All aspects of security relevant to dynamic SQL are discussed in this book. You will learn many ways to save time and develop code more efficiently, a ...
Building a Comprehensive IT Security Program Building a Comprehensive IT Security Program

This book explains the ongoing war between private business and cyber criminals, state-sponsored attackers, terrorists, and hacktivist groups. Further, it explores the risks posed by trusted employees that put critical information at risk through malice, negligence, or simply making a mistake. It clarifies the historical context of the current situation as it relates to cybersecurity the challenges facing private business, and the fundamental changes organizations can make to better protect themselves. The problems we face are difficult, but they are not hopeless. Cybercrime continues to grow at an astounding rate. With constant coverage of cyber-attacks in the media, there is no shortage of awareness of increasing threats. Budgets have increased and executives are implementing stronger defenses. Nonetheless, breaches continue to increase in frequency and scope. Building a Comprehensive IT Security Program shares why organizations continue to fail to secure their cr ...
Network Security Assessment, 3rd Edition Network Security Assessment, 3rd Edition

How secure is your network? The best way to find out is to attack it, using the same tactics attackers employ to identify and exploit weaknesses. With the third edition of this practical book, you'll learn how to perform network-based penetration testing in a structured manner. Security expert Chris McNab demonstrates common vulnerabilities, and the steps you can take to identify them in your environment. System complexity and attack surfaces continue to grow. This book provides a process to help you mitigate risks posed to your network. Each chapter includes a checklist summarizing attacker techniques, along with effective countermeasures you can use immediately. Learn how to effectively test system components, including: Common services such as SSH, FTP, Kerberos, SNMP, and LDAP; Microsoft services, including NetBIOS, SMB, RPC, and RDP; SMTP, POP3, and IMAP email services; IPsec and PPTP services that provide secure network access; TLS protocols and features providing tr ...
Exploring SE for Android Exploring SE for Android

You will start by exploring the nature of the security mechanisms behind Linux and SELinux, and as you complete the chapters, you will integrate and enable SE for Android into a System on Chip (SoC), a process that, prior to this book, has never before been documented in its entirety! Discover Android's unique user space, from its use of the common UID and GID model to promote its security goals to its custom binder IPC mechanism. Explore the interface between the kernel and user space with respect to SELinux and investigate contexts and labels and their application to system objects. This book will help you develop the necessary skills to evaluate and engineer secured products with the Android platform, whether you are new to world of Security Enhanced Linux (SELinux) or experienced in secure system deployment. ...
Reproduction of site books is authorized only for informative purposes and strictly for personal, private use.
Only Direct Download
IT eBooks Group © 2011-2018