Firewalls Don't Stop Dragons, 5th Edition
Rely on this practical, comprehensive guide to significantly improve your cyber safety and data privacy. This book was written expressly for regular, everyday people - though even technically savvy readers will find many useful tips here. This book contains everything you need to protect yourself-step by step, without judgment, and with as little jargon as possible.
Protecting your digital domain is much like defending a medieval castle. Wide moats, towering walls and trained guards provide defense in depth, safeguarding the people and property within against the most common threats. But attempting to dragon-proof your castle would be counterproductive and costly. The goal of this book is to keep your devices and data safe from the most likely and impactful hazards - not a targeted attack by the NSA. Like wearing seat belts and sunscreen in the real world, there are dozens of simple, effective precautions we need to take in the virtual world.
Author Carey Parker has structured th ...
Mastering Linux Security and Hardening, 3rd Edition
The third edition of Mastering Linux Security and Hardening is an updated, comprehensive introduction to implementing the latest Linux security measures, using the latest versions of Ubuntu and AlmaLinux. In this new edition, you will learn how to set up a practice lab, create user accounts with appropriate privilege levels, protect sensitive data with permissions settings and encryption, and configure a firewall with the newest firewall technologies. You'll also explore how to use sudo to set up administrative accounts with only the privileges required to do a specific job, and you'll get a peek at the new sudo features that have been added over the past couple of years. You'll also see updated information on how to set up a local certificate authority for both Ubuntu and AlmaLinux, as well as how to automate system auditing. Other important skills that you'll learn include how to automatically harden systems with OpenSCAP, audit systems with auditd, harden the Linux ker ...
Practical Data Privacy
Between major privacy regulations like the GDPR and CCPA and expensive and notorious data breaches, there has never been so much pressure to ensure data privacy. Unfortunately, integrating privacy into data systems is still complicated. This essential guide will give you a fundamental understanding of modern privacy building blocks, like differential privacy, federated learning, and encrypted computation. Based on hard-won lessons, this book provides solid advice and best practices for integrating breakthrough privacy-enhancing technologies into production systems.
Practical Data Privacy answers important questions such as: What do privacy regulations like GDPR and CCPA mean for my data workflows and data science use cases? What does "anonymized data" really mean? How do I actually anonymize data? How does federated learning and analysis work? Homomorphic encryption sounds great, but is it ready for use? How do I compare and choose the best privacy-preserving technologies and method ...
Making Sense of Cybersecurity
Go behind the headlines of famous attacks and learn lessons from real-world breaches that author Tom Kranz has personally helped to clean up. Making Sense of Cybersecurity is full of clear-headed advice and examples that will help you identify risks in your organization and choose the right path to apply the important security concepts. You'll learn the three pillars of a successful security strategy and how to create and apply threat models that will iteratively improve your organization's readiness.
Someone is attacking your business right now. Understanding the threats, weaknesses, and attacks gives you the power to make better decisions about how to secure your systems. This book guides you through the concepts and basic skills you need to make sense of cybersecurity.
Making Sense of Cybersecurity is a crystal-clear overview of common cyber threats written for business and technical readers with no background in security. You'll explore the core id ...
Written by security engineer Dylan Shields, AWS Security provides comprehensive coverage on the key tools and concepts you can use to defend AWS-based systems. You'll learn how to honestly assess your existing security protocols, protect against the most common attacks on cloud applications, and apply best practices to configuring identity and access management and virtual private clouds.
AWS provides a suite of strong security services, but it's up to you to configure them correctly for your applications and data. Cloud platforms require you to learn new techniques for identity management, authentication, monitoring, and other key security practices. This book gives you everything you'll need to defend your AWS-based applications from the most common threats facing your business.
AWS Security is the guide to AWS security services you'll want on hand when you're facing any cloud security problem. Because it's organized aroun ...
Practical Cloud Native Security with Falco
As more and more organizations migrate their applications to the cloud, cloud native computing has become the dominant way to approach software development and execution. Protecting modern, cloud native applications from threats requires the ability to defend them at runtime, when they're most vulnerable to attacks.
This practical guide introduces you to Falco, the open source standard for continuous risk and threat detection across Kubernetes, containers, and the cloud. Falco creator Loris Degioanni and core maintainer Leonardo Grasso bring you up to speed on threat detection and show you how to get Falco up and running, plus advanced topics such as deploying Falco in production and writing your own security rules.
You'll learn how to: Leverage runtime security in cloud native environments; Detect configuration changes and unexpected behavior in the cloud; Protect containers, Kubernetes, and cloud applications using Falco; Run, deploy, and customize Falco; Deploy, ...
Microsoft Defender for Cloud Cookbook
Microsoft Defender for Cloud is a multi-cloud and hybrid cloud security posture management solution that enables security administrators to build cyber defense for their Azure and non-Azure resources by providing both recommendations and security protection capabilities.
This book will start with a foundational overview of Microsoft Defender for Cloud and its core capabilities. Then, the reader is taken on a journey from enabling the service, selecting the correct tier, and configuring the data collection, to working on remediation. Next, we will continue with hands-on guidance on how to implement several security features of Microsoft Defender for Cloud, finishing with monitoring and maintenance-related topics, gaining visibility in advanced threat protection in distributed infrastructure and preventing security failures through automation.
By the end of this book, you will know how to get a view of your security posture and where to opt ...
There is a distinct lack of theoretical innovation in the cybersecurity industry. This is not to say that innovation is lacking, as new technologies, services, and solutions (as well as buzzwords) are emerging every day. This book will be the first cybersecurity text aimed at encouraging abstract and intellectual exploration of cybersecurity from the philosophical and speculative perspective. Technological innovation is certainly necessary, as it furthers the purveying of goods and services for cybersecurity producers in addition to securing the attack surface of cybersecurity consumers where able.
The issue is that the industry, sector, and even academia are largely technologically focused. There is not enough work done to further the trade - the craft of cybersecurity. This book frames the cause of this and other issues, and what can be done about them. Potential methods and directions are outlined regarding how the industry can evolve to embrace t ...
Cloud Native Security Cookbook
With the rise of the cloud, every aspect of IT has been shaken to its core. The fundamentals for building systems are changing, and although many of the principles that underpin security still ring true, their implementation has become unrecognizable. This practical book provides recipes for AWS, Azure, and GCP to help you enhance the security of your own cloud native systems.
Based on his hard-earned experience working with some of the world's biggest enterprises and rapidly iterating startups, consultant Josh Armitage covers the trade-offs that security professionals, developers, and infrastructure gurus need to make when working with different cloud providers. Each recipe discusses these inherent compromises, as well as where clouds have similarities and where they're fundamentally different.
Learn how the cloud provides security superior to what was achievable in an on-premises world; Understand the principles and mental models that enable you to m ...
The Definitive Guide to Security in Jakarta EE
Refer to this definitive and authoritative book to understand the Jakarta EE Security Spec, with Jakarta Authentication & Authorization as its underlying official foundation. Jakarta EE Security implementations are discussed, such as Soteria and Open Liberty, along with the build-in modules and Jakarta EE Security third-party modules, such as Payara Yubikey & OIDC, and OmniFaces JWT-Auth.
The book discusses Jakarta EE Security in relation to SE underpinnings and provides a detailed explanation of how client-cert authentication over HTTPS takes place, how certifications work, and how LDAP-like names are mapped to caller/user names. General (web) security best practices are presented, such as not storing passwords in plaintext, using HTTPS, sanitizing inputs to DB queries, encoding output, and explanations of various (web) attacks and common vulnerabilities are included.
Practical examples of securing applications discuss common needs such as lett ...
ASP.NET Core Security
ASP.NET Core Security teaches you the skills and countermeasures you need to keep your ASP.NET Core apps secure from the most common web application attacks. With this collection of practical techniques, you will be able to anticipate risks and introduce practices like testing as regular security checkups. You'll be fascinated as the author explores real-world security breaches, including rogue Firefox extensions and Adobe password thefts. The examples present universal security best practices with a sharp focus on the unique needs of ASP.NET Core applications.
Your ASP.NET Core applications are under attack now. Are you ready? Th ere are specific countermeasures you can apply to keep your company out of the headlines. This book demonstrates exactly how to secure ASP.NET Core web applications, including safe browser interactions, recognizing common threats, and deploying the framework's unique security APIs.
ASP.NET Core Security is a rea ...