AWS Penetration Testing
Cloud security has always been treated as the highest priority by AWS while designing a robust cloud infrastructure. AWS has now extended its support to allow users and security experts to perform penetration tests on its environment. This has not only revealed a number of loopholes and brought vulnerable points in their existing system to the fore, but has also opened up opportunities for organizations to build a secure cloud environment. This book teaches you how to perform penetration tests in a controlled AWS environment.
You'll begin by performing security assessments of major AWS resources such as Amazon EC2 instances, Amazon S3, Amazon API Gateway, and AWS Lambda. Throughout the course of this book, you'll also learn about specific tests such as exploiting applications, compromising Identity and Access Management (IAM) keys, testing permissions flaws, and discovering weak policies. Moving on, you'll discover how to establish private-cloud access through b ...
Advanced ASP.NET Core 3 Security
Incorporate security best practices into ASP.NET Core. This book covers security-related features available within the framework, explains where these feature may fall short, and delves into security topics rarely covered elsewhere. Get ready to dive deep into ASP.NET Core 3.1 source code, clarifying how particular features work and addressing how to fix problems.
For straightforward use cases, the ASP.NET Core framework does a good job in preventing certain types of attacks from happening. But for some types of attacks, or situations that are not straightforward, there is very little guidance available on how to safely implement solutions. And worse, there is a lot of bad advice online on how to implement functionality, be it encrypting unsafely hard-coded parameters that need to be generated at runtime, or articles which advocate for certain solutions that are vulnerable to obvious injection attacks. Even more concerning is the functions in ASP.NET Core that are not ...
Web Security for Developers
The world has changed. Today, every time you make a site live, you're opening it up to attack.
A first-time developer can easily be discouraged by the difficulties involved with properly securing a website. But have hope: an army of security researchers is out there discovering, documenting, and fixing security flaws. Thankfully, the tools you'll need to secure your site are freely available and generally easy to use.
Web Security for Developers will teach you how your websites are vulnerable to attack and how to protect them. Each chapter breaks down a major security vulnerability and explores a real-world attack, coupled with plenty of code to show you both the vulnerability and the fix.
Microservices Security in Action
Unlike traditional enterprise applications, Microservices applications are collections of independent components that function as a system. Securing the messages, queues, and API endpoints requires new approaches to security both in the infrastructure and the code. Microservices Security in Action teaches you how to address microservices-specific security challenges throughout the system. This practical guide includes plentiful hands-on exercises using industry-leading open-source tools and examples using Java and Spring Boot.
Integrating independent services into a single system presents special security challenges in a microservices deployment. With proper planning, however, you can build in security from the start. Learn to create secure services and protect application data throughout development and deployment. As microservices continue to change enterprise application systems, developers and architects must learn to integrate security ...
Rational Cybersecurity for Business
Use the guidance in this comprehensive field guide to gain the support of your top executives for aligning a rational cybersecurity plan with your business. You will learn how to improve working relationships with stakeholders in complex digital businesses, IT, and development environments. You will know how to prioritize your security program, and motivate and retain your team.
Misalignment between security and your business can start at the top at the C-suite or happen at the line of business, IT, development, or user level. It has a corrosive effect on any security project it touches. But it does not have to be like this.
Author Dan Blum presents valuable lessons learned from interviews with over 70 security and business leaders. You will discover how to successfully solve issues related to: risk management, operational security privacy protection, hybrid cloud management, security culture and user awareness, and communication ...
Pro Google Kubernetes Engine
Discover methodologies and best practices for getting started with Google Kubernetes Engine (GKE). This book helps you understand how GKE provides a fully managed environment to deploy and operate containerized applications on Google Cloud infrastructure.
You will see how Kubernetes makes it easier for users to manage clusters and the container ecosystem. And you will get detailed guidance on deploying and managing applications, handling administration of container clusters, managing policies, and monitoring cluster resources. You will learn how to operate the GKE environment through the GUI-based Google Cloud console and the "gcloud" command line interface.
The book starts with an introduction to GKE and associated services. The authors provide hands-on examples to set up Container Registry and GKE Cluster, and you will follow through an application deployment on GKE. Later chapters focus on securing your GCP GKE environment, GKE monitoring and dashboarding, and CI/CD automation ...
Cybersecurity Threats, Malware Trends, and Strategies
Cybersecurity Threats, Malware Trends, and Strategies shares numerous insights about the threats that both public and private sector organizations face and the cybersecurity strategies that can mitigate them.
The book provides an unprecedented long-term view of the global threat landscape by examining the twenty-year trend in vulnerability disclosures and exploitation, nearly a decade of regional differences in malware infections, the socio-economic factors that underpin them, and how global malware has evolved. This will give you further perspectives into malware protection for your organization. It also examines internet-based threats that CISOs should be aware of.
The book will provide you with an evaluation of the various cybersecurity strategies that have ultimately failed over the past twenty years, along with one or two that have actually worked. It will help executives and security and compliance professionals understand how cloud computing is ...
IoT and Edge Computing for Architects, 2nd Edition
Industries are embracing IoT technologies to improve operational expenses, product life, and people's well-being. An architectural guide is needed if you want to traverse the spectrum of technologies needed to build a successful IoT system, whether that's a single device or millions of IoT devices.
IoT and Edge Computing for Architects, Second Edition encompasses the entire spectrum of IoT solutions, from IoT sensors to the cloud. It examines modern sensor systems, focusing on their power and functionality. It also looks at communication theory, paying close attention to near-range PAN, including the new Bluetooth® 5.0 specification and mesh networks. Then, the book explores IP-based communication in LAN and WAN, including 802.11ah, 5G LTE cellular, Sigfox, and LoRaWAN. It also explains edge computing, routing and gateways, and their role in fog computing, as well as the messaging protocols of MQTT 5.0 and CoAP.
With the data now in internet form, you'll get an understanding of ...
Obtain all the skills you need to configure and manage a PostgreSQL database. In this book you will begin by installing and configuring PostgreSQL on a server by focusing on system-level parameter settings before installation. You will also look at key post-installation steps to avoid issues in the future. The basic configuration of PostgreSQL is tuned for compatibility rather than performance. Keeping this in mind, you will fine-tune your PostgreSQL parameters based on your environment and application behavior. You will then get tips to improve database monitoring and maintenance followed by database security for handling sensitive data in PostgreSQL.
Every system containing valuable data needs to be backed-up regularly. PostgreSQL follows a simple back-up procedure and provides fundamental approaches to back up your data. You will go through these approaches and choose the right one based on your environment. Running your application with limited resources can be tricky. T ...
Design and Analysis of Security Protocol for Communication
The purpose of designing this book is to discuss and analyze security protocols available for communication. Objective is to discuss protocols across all layers of TCP/IP stack and also to discuss protocols independent to the stack. Authors will be aiming to identify the best set of security protocols for the similar applications and will also be identifying the drawbacks of existing protocols. The authors will be also suggesting new protocols if any. ...
Gain a broad understanding of how PCI DSS is structured and obtain a high-level view of the contents and context of each of the 12 top-level requirements. The guidance provided in this book will help you effectively apply PCI DSS in your business environments, enhance your payment card defensive posture, and reduce the opportunities for criminals to compromise your network or steal sensitive data assets.
Businesses are seeing an increased volume of data breaches, where an opportunist attacker from outside the business or a disaffected employee successfully exploits poor company practices. Rather than being a regurgitation of the PCI DSS controls, this book aims to help you balance the needs of running your business with the value of implementing PCI DSS for the protection of consumer payment card data.
Applying lessons learned from history, military experiences (including multiple deployments into hostile areas), numerous PCI QSA assignments, and corporate cybersecurity an ...