Book Image

Cybersecurity – Attack and Defense Strategies - Third Edition

By : Yuri Diogenes, Dr. Erdal Ozkaya

5 (2)

Book Image

Cybersecurity – Attack and Defense Strategies - Third Edition

5 (2)

By: Yuri Diogenes, Dr. Erdal Ozkaya

Overview of this book

Cybersecurity – Attack and Defense Strategies, Third Edition will bring you up to speed with the key aspects of threat assessment and security hygiene, the current threat landscape and its challenges, and how to maintain a strong security posture. In this carefully revised new edition, you will learn about the Zero Trust approach and the initial Incident Response process. You will gradually become familiar with Red Team tactics, where you will learn basic syntax for commonly used tools to perform the necessary operations. You will also learn how to apply newer Red Team techniques with powerful tools. Simultaneously, Blue Team tactics are introduced to help you defend your system from complex cyber-attacks. This book provides a clear, in-depth understanding of attack/defense methods as well as patterns to recognize irregular behavior within your organization. Finally, you will learn how to analyze your network and address malware, while becoming familiar with mitigation and threat detection techniques. By the end of this cybersecurity book, you will have discovered the latest tools to enhance the security of your system, learned about the security controls you need, and understood how to carry out each step of the incident response process.

Preface

Who this book is for

What this book covers

To get the most out of this book

Security Posture

Security Posture

Why security hygiene should be your number one priority

The current threat landscape

Cybersecurity challenges

Enhancing your security posture

The Red and Blue Teams

Free Chapter

Incident Response Process

Incident Response Process

The incident response process

Handling an incident

Post-incident activity

Considerations for incident response in the cloud

What is a Cyber Strategy?

What is a Cyber Strategy?

How to build a cyber strategy

Why do we need to build a cyber strategy?

Best cyber attack strategies

Best cyber defense strategies

Benefits of having a proactive cybersecurity strategy

Top cybersecurity strategies for businesses

Further reading

Understanding the Cybersecurity Kill Chain

Understanding the Cybersecurity Kill Chain

Understanding the Cyber Kill Chain

Security controls used to stop the Cyber Kill Chain

Threat life cycle management

Concerns about the Cybersecurity Kill Chain

How the Cyber Kill Chain has evolved

Tools used during the Cyber Kill Chain

Comodo AEP via Dragon Platform

Further reading

Reconnaissance

External reconnaissance

Internal reconnaissance

Tools used for reconnaissance

Passive vs. active reconnaissance

How to combat reconnaissance

How to prevent reconnaissance

Compromising the System

Compromising the System

Analyzing current trends

Performing the steps to compromise a system

Mobile phone (iOS/Android) attacks

Further reading

Chasing a User’s Identity

Chasing a User’s Identity

Identity is the new perimeter

Strategies for compromising a user’s identity

Lateral Movement

Lateral Movement

Network mapping

Performing lateral movement

Further reading

Privilege Escalation

Privilege Escalation

Security Policy

Security Policy

Reviewing your security policy

Educating the end user

Policy enforcement

Monitoring for compliance

Continuously driving security posture enhancement via security policy

Network Security

Network Security

The defense-in-depth approach

Physical network segmentation

Securing remote access to the network

Virtual network segmentation

Zero trust network

Hybrid cloud network security

Active Sensors

Detection capabilities

Intrusion detection systems

Intrusion prevention system

Behavior analytics on-premises

Behavior analytics in a hybrid cloud

Threat Intelligence

Threat Intelligence

Introduction to threat intelligence

Open-source tools for threat intelligence

Microsoft threat intelligence

Investigating an Incident

Investigating an Incident

Scoping the issue

Investigating a compromised system on-premises

Investigating a compromised system in a hybrid cloud

Proactive investigation (threat hunting)

Lessons learned

Recovery Process

Recovery Process

Disaster recovery plan

Contingency planning

Business continuity plan

Best practices for disaster recovery

Further reading

Vulnerability Management

Vulnerability Management

Creating a vulnerability management strategy

Elements of a vulnerability strategy

Differences between vulnerability management and vulnerability assessment

Best practices for vulnerability management

Vulnerability management tools

Further reading

Log Analysis

Data correlation

Operating system logs

Web server logs

Amazon Web Services (AWS) logs

Azure Activity logs

Google Cloud Platform Logs

Other Books You May Enjoy

Other Books You May Enjoy

Index

Customer Reviews

5 (2)

5 star

100%

4 star

0

3 star

0

2 star

0

1 star

0

Understanding the Cybersecurity Kill Chain

In the last chapter, you learned about the incident response process and how it fits into the overall enhancement of a company’s security posture. Now it is time to start thinking like an attacker and understand the rationale, the motivation, and the steps of performing an attack. We call this the Cybersecurity Kill Chain, which is something that we briefly covered in Chapter 1, Secure Posture. Today, the most advanced cyber-attacks are reported to involve intrusions inside a target’s network that last a long time before doing damage or being discovered. This reveals a unique characteristic of today’s attackers: they have an astounding ability to remain undetected until the time is right. This means that they operate on well-structured and scheduled plans. There have been studies carried out on the precision of their attacks, which have revealed that most cyber attackers use a series of similar phases to pull off successful...