Book Image

Cybersecurity – Attack and Defense Strategies - Second Edition

By : Yuri Diogenes, Dr. Erdal Ozkaya
Book Image

Cybersecurity – Attack and Defense Strategies - Second Edition

By: Yuri Diogenes, Dr. Erdal Ozkaya

Overview of this book

Cybersecurity – Attack and Defense Strategies, Second Edition is a completely revised new edition of the bestselling book, covering the very latest security threats and defense mechanisms including a detailed overview of Cloud Security Posture Management (CSPM) and an assessment of the current threat landscape, with additional focus on new IoT threats and cryptomining. Cybersecurity starts with the basics that organizations need to know to maintain a secure posture against outside threat and design a robust cybersecurity program. It takes you into the mindset of a Threat Actor to help you better understand the motivation and the steps of performing an actual attack – the Cybersecurity kill chain. You will gain hands-on experience in implementing cybersecurity using new techniques in reconnaissance and chasing a user’s identity that will enable you to discover how a system is compromised, and identify and then exploit the vulnerabilities in your own system. This book also focuses on defense strategies to enhance the security of a system. You will also discover in-depth tools, including Azure Sentinel, to ensure there are security controls in each network layer, and how to carry out the recovery process of a compromised system.
Table of Contents (20 chapters)
18
Other Books You May Enjoy
19
Index

Best practices for vulnerability management

Even with the best tools, you will achieve nothing without the correct execution when it comes to vulnerability management. Therefore, all the actions that have been identified in the implementation section must be carried out flawlessly. There is a set of best practices for each step of the implementation of the vulnerability management strategy.

Starting off with the asset inventory, the organization should establish a single point of authority. There should be one person that can be held responsible if the inventory is not up to date or has inconsistencies. Another best practice is to encourage the use of consistent abbreviations and terminology during data entry. It may become confusing to another person trying to go through the inventory if the abbreviations and terms keep on changing. The inventory should also be validated at least once a year. Lastly, it is advisable to treat changes of inventory management systems with the same...