Advertisement
| defender external attack surface management: Windows Ransomware Detection and Protection Marius Sandbu, 2023-03-17 Protect your end users and IT infrastructure against common ransomware attack vectors and efficiently monitor future threats Purchase of the print or Kindle book includes a free PDF eBook Key FeaturesLearn to build security monitoring solutions based on Microsoft 365 and SentinelUnderstand how Zero-Trust access and SASE services can help in mitigating risksBuild a secure foundation for Windows endpoints, email, infrastructure, and cloud servicesBook Description If you're looking for an effective way to secure your environment against ransomware attacks, this is the book for you. From teaching you how to monitor security threats to establishing countermeasures to protect against ransomware attacks, Windows Ransomware Detection and Protection has it all covered. The book begins by helping you understand how ransomware attacks work, identifying different attack vectors, and showing you how to build a secure network foundation and Windows environment. You'll then explore ransomware countermeasures in different segments, such as Identity and Access Management, networking, Endpoint Manager, cloud, and infrastructure, and learn how to protect against attacks. As you move forward, you'll get to grips with the forensics involved in making important considerations when your system is attacked or compromised with ransomware, the steps you should follow, and how you can monitor the threat landscape for future threats by exploring different online data sources and building processes. By the end of this ransomware book, you'll have learned how configuration settings and scripts can be used to protect Windows from ransomware attacks with 50 tips on security settings to secure your Windows workload. What you will learnUnderstand how ransomware has evolved into a larger threatSecure identity-based access using services like multifactor authenticationEnrich data with threat intelligence and other external data sourcesProtect devices with Microsoft Defender and Network ProtectionFind out how to secure users in Active Directory and Azure Active DirectorySecure your Windows endpoints using Endpoint ManagerDesign network architecture in Azure to reduce the risk of lateral movementWho this book is for This book is for Windows administrators, cloud administrators, CISOs, and blue team members looking to understand the ransomware problem, how attackers execute intrusions, and how you can use the techniques to counteract attacks. Security administrators who want more insights into how they can secure their environment will also find this book useful. Basic Windows and cloud experience is needed to understand the concepts in this book. |
| defender external attack surface management: Enhancing Your Cloud Security with a CNAPP Solution Yuri Diogenes, 2024-10-31 Implement the entire CNAPP lifecycle from designing, planning, adopting, deploying, and operationalizing to enhance your organization's overall cloud security posture. Key Features Master the CNAPP lifecycle from planning to operationalization using real-world practical scenarios. Dive deep into the features of Microsoft's Defender for Cloud to elevate your organization’s security posture. Explore hands-on examples and implementation techniques from a leading expert in the cybersecurity industry Book DescriptionCloud security is a pivotal aspect of modern IT infrastructure, essential for safeguarding critical data and services. This comprehensive book explores Cloud Native Application Protection Platform (CNAPP), guiding you through adopting, deploying, and managing these solutions effectively. Written by Yuri Diogenes, Principal PM at Microsoft, who has been with Defender for Cloud (formerly Azure Security Center) since its inception, this book distills complex concepts into actionable knowledge making it an indispensable resource for Cloud Security professionals. The book begins with a solid foundation detailing the why and how of CNAPP, preparing you for deeper engagement with the subject. As you progress, it delves into practical applications, including using Microsoft Defender for Cloud to enhance your organization's security posture, handle multicloud environments, and integrate governance and continuous improvement practices into your operations. Further, you'll learn how to operationalize your CNAPP framework, emphasizing risk management & attack disruption, leveraging AI to enhance security measures, and integrating Defender for Cloud with Microsoft Security Exposure Management. By the end, you'll be ready to implement and optimize a CNAPP solution in your workplace, ensuring a robust defense against evolving threats.What you will learn Implement Microsoft Defender for Cloud across diverse IT environments Harness DevOps security capabilities to tighten cloud operations Leverage AI tools such as Microsoft Copilot for Security to help remediate security recommendations at scale Integrate Microsoft Defender for Cloud with other XDR, SIEM (Microsoft Sentinel) and Microsoft Security Exposure Management Optimize your cloud security posture with continuous improvement practices Develop effective incident response plans and proactive threat hunting techniques Who this book is for This book is aimed at Cloud Security Professionals that work with Cloud Security, Posture Management, or Workload Protection. DevOps Engineers that need to have a better understanding of Cloud Security Tools and SOC Analysts that need to understand how CNAPP can enhance their threat hunting capabilities can also benefit from this book. Basic knowledge of Cloud Computing, including Cloud Providers such as Azure, AWS, and GCP is assumed. |
| defender external attack surface management: Mastering Microsoft Defender for Office 365 Samuel Soto, 2024-09-13 Unlock the full potential of Microsoft Defender for Office 365 with this comprehensive guide, covering its advanced capabilities and effective implementation strategies Key Features Integrate Microsoft Defender for Office 365 fits into your organization’s security strategy Implement, operationalize, and troubleshoot Microsoft Defender for Office 365 to align with your organization’s requirements Implement advanced hunting, automation, and integration for effective security operations Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionNavigate the security Wild West with Microsoft Defender for Office 365, your shield against the complex and rapidly evolving cyber threats. Written by a cybersecurity veteran with 25 years of experience, including combating nation-state adversaries and organized cybercrime gangs, this book offers unparalleled insights into modern digital security challenges by helping you secure your organization's email and communication systems and promoting a safer digital environment by staying ahead of evolving threats and fostering user awareness. This book introduces you to a myriad of security threats and challenges organizations encounter and delves into the day-to-day use of Defender for Office 365, offering insights for proactively managing security threats, investigating alerts, and effective remediation. You’ll explore advanced strategies such as leveraging threat intelligence to reduce false alerts, customizing reports, conducting attack simulation, and automating investigation and remediation. To ensure complete protection, you’ll learn to integrate Defender for Office 365 with other security tools and APIs. By the end of this book, you’ll have gained a comprehensive understanding of Defender for Office 365 and its crucial role in fortifying your organization's cybersecurity posture.What you will learn Plan a rollout and configure a Defender for Office 365 deployment strategy Continuously optimize your security configuration to strengthen your organization's security posture Leverage advanced hunting and automation for proactive security Implement email authentication and anti-phishing measures Conduct attack simulations and security awareness training to educate users in threat recognition and response Customize and automate reports to enhance decision-making Troubleshoot common issues to minimize impact Who this book is for This book is a must-read for IT consultants, business decision-makers, system administrators, system and security engineers, and anyone looking to establish robust and intricate security measures for office productivity tools to preemptively tackle prevalent threats such as phishing, business email compromise, and malware attacks. Basic knowledge of cybersecurity fundamentals and familiarity with Microsoft Office 365 environments will assist with understanding the concepts covered. |
| defender external attack surface management: Microsoft Cybersecurity Architect Exam Ref SC-100 Dwayne Natwick, Graham Gold, Abu Zobayer, 2024-10-31 Unlock your potential to pass the SC-100 exam by mastering advanced cloud security strategies, designing zero-trust architectures, and evaluating cybersecurity frameworks with this latest exam guide Purchase of this book unlocks access to web-based exam prep resources such as mock exams, flashcards, exam tips, the eBook PDF Key Features Gain a deep understanding of all topics covered in the latest SC-100 exam Advance your knowledge of architecting and evaluating cybersecurity services to tackle day-to-day challenges Get certified with ease through mock tests with exam-level difficulty Benefit from practical examples that will help you put your new knowledge to work Book DescriptionThis Second Edition of Microsoft Cybersecurity Architect Exam Ref SC-100 is a comprehensive guide that will help cybersecurity professionals design and evaluate the cybersecurity architecture of Microsoft cloud services. Packed with practice questions, mock exams, interactive flashcards, and invaluable exam tips, this comprehensive resource gives you everything you need to conquer the SC-100 exam with confidence. This book will take you through designing a strategy for a cybersecurity architecture and evaluating the governance, risk, and compliance (GRC) of the architecture of both cloud-only and hybrid infrastructures. You'll discover how to implement zero trust principles, enhance security operations, and elevate your organization's security posture. By the end of this book, you'll be fully equipped to plan, design, and assess cybersecurity frameworks for Microsoft cloud environments—and pass the SC-100 exam with flying colors. Ready to take your cybersecurity expertise to the next level? This guide is your key to success.What you will learn Design a zero-trust strategy and architecture Evaluate GRC technical and security operation strategies Apply encryption standards for data protection Utilize Microsoft Defender tools to assess and enhance security posture Translate business goals into actionable security requirements Assess and mitigate security risks using industry benchmarks and threat intelligence Optimize security operations using SIEM and SOAR technologies Securely manage secrets, keys, and certificates in cloud environments Who this book is for This book targets is for IT professionals pursuing the Microsoft Cybersecurity Architect Expert SC-100 certification. Familiarity with the principles of administering core features and services within Microsoft Azure, Microsoft 365 and on-premises related technologies (server, active directory, networks) are needed. Prior knowledge of integration of these technologies with each other will also be beneficial. |
| defender external attack surface management: The Definitive Guide to KQL Mark Morowczynski, Rod Trent, Matthew Zorich, 2024-05-16 Turn the avalanche of raw data from Azure Data Explorer, Azure Monitor, Microsoft Sentinel, and other Microsoft data platforms into actionable intelligence with KQL (Kusto Query Language). Experts in information security and analysis guide you through what it takes to automate your approach to risk assessment and remediation, speeding up detection time while reducing manual work using KQL. This accessible and practical guide—designed for a broad range of people with varying experience in KQL—will quickly make KQL second nature for information security. Solve real problems with Kusto Query Language— and build your competitive advantage: Learn the fundamentals of KQL—what it is and where it is used Examine the anatomy of a KQL query Understand why data summation and aggregation is important See examples of data summation, including count, countif, and dcount Learn the benefits of moving from raw data ingestion to a more automated approach for security operations Unlock how to write efficient and effective queries Work with advanced KQL operators, advanced data strings, and multivalued strings Explore KQL for day-to-day admin tasks, performance, and troubleshooting Use KQL across Azure, including app services and function apps Delve into defending and threat hunting using KQL Recognize indicators of compromise and anomaly detection Learn to access and contribute to hunting queries via GitHub and workbooks via Microsoft Entra ID |
| defender external attack surface management: Cloud Penetration Testing Kim Crawley, 2023-11-24 Get to grips with cloud exploits, learn the fundamentals of cloud security, and secure your organization's network by pentesting AWS, Azure, and GCP effectively Key Features Discover how enterprises use AWS, Azure, and GCP as well as the applications and services unique to each platform Understand the key principles of successful pentesting and its application to cloud networks, DevOps, and containerized networks (Docker and Kubernetes) Get acquainted with the penetration testing tools and security measures specific to each platform Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionWith AWS, Azure, and GCP gaining prominence, understanding their unique features, ecosystems, and penetration testing protocols has become an indispensable skill, which is precisely what this pentesting guide for cloud platforms will help you achieve. As you navigate through the chapters, you’ll explore the intricacies of cloud security testing and gain valuable insights into how pentesters evaluate cloud environments effectively. In addition to its coverage of these cloud platforms, the book also guides you through modern methodologies for testing containerization technologies such as Docker and Kubernetes, which are fast becoming staples in the cloud ecosystem. Additionally, it places extended focus on penetration testing AWS, Azure, and GCP through serverless applications and specialized tools. These sections will equip you with the tactics and tools necessary to exploit vulnerabilities specific to serverless architecture, thus providing a more rounded skill set. By the end of this cloud security book, you’ll not only have a comprehensive understanding of the standard approaches to cloud penetration testing but will also be proficient in identifying and mitigating vulnerabilities that are unique to cloud environments.What you will learn Familiarize yourself with the evolution of cloud networks Navigate and secure complex environments that use more than one cloud service Conduct vulnerability assessments to identify weak points in cloud configurations Secure your cloud infrastructure by learning about common cyber attack techniques Explore various strategies to successfully counter complex cloud attacks Delve into the most common AWS, Azure, and GCP services and their applications for businesses Understand the collaboration between red teamers, cloud administrators, and other stakeholders for cloud pentesting Who this book is for This book is for aspiring Penetration Testers, and the Penetration Testers seeking specialized skills for leading cloud platforms—AWS, Azure, and GCP. Those working in defensive security roles will also find this book useful to extend their cloud security skills. |
| defender external attack surface management: SQL Server 2022 Administration Inside Out Randolph West, William Assaf, Elizabeth Noble, Meagan Longoria, Joseph D'Antoni, Louis Davidson, 2023-04-27 Conquer SQL Server 2022 and Azure SQL administration from the inside out! Dive into SQL Server 2022 administration and grow your Microsoft SQL Server data platform skillset. This well-organized reference packs in timesaving solutions, tips, and workarounds, all you need to plan, implement, deploy, provision, manage, and secure SQL Server 2022 in any environment: on-premises, cloud, or hybrid, including detailed, dedicated chapters on Azure SQL Database and Azure SQL Managed Instance. Nine experts thoroughly tour DBA capabilities available in the SQL Server 2022 Database Engine, SQL Server Data Tools, SQL Server Management Studio, PowerShell, and much more. You'll find extensive new coverage of Azure SQL Database and Azure SQL Managed Instance, both as a cloud platform of SQL Server and in their new integrations with SQL Server 2022, information available in no other book. Discover how experts tackle today's essential tasks and challenge yourself to new levels of mastery. Identify low-hanging fruit and practical, easy wins for improving SQL Server administration Get started with modern SQL Server tools, including SQL Server Management Studio, and Azure Data Studio Upgrade your SQL Server administration skillset to new features of SQL Server 2022, Azure SQL Database, Azure SQL Managed Instance, and SQL Server on Linux Design and implement modern on-premises database infrastructure, including Kubernetes Leverage data virtualization of third-party or non-relational data sources Monitor SQL instances for corruption, index activity, fragmentation, and extended events Automate maintenance plans, database mail, jobs, alerts, proxies, and event forwarding Protect data through encryption, privacy, and auditing Provision, manage, scale and secure, and bidirectionally synchronize Microsoft's powerful Azure SQL Managed Instance Understand and enable new Intelligent Query Processing features to increase query concurrency Prepare a best-practice runbook for disaster recovery Use SQL Server 2022 features to span infrastructure across hybrid environments |
| defender external attack surface management: Exam Ref AZ-500 Microsoft Azure Security Technologies Yuri Diogenes, Orin Thomas, 2024-10-30 Prepare for Microsoft Exam AZ-500 and demonstrate your real-world knowledge of Microsoft Azure security, including the skills needed to implement security controls, maintain an organization’s security posture, and identify and remediate security vulnerabilities. Designed for professionals with Azure security experience, this Exam Ref focuses on the critical thinking and decision-making acumen needed for success at the Microsoft Certified: Azure Security Engineer Associate level. Focus on the expertise measured by these objectives: Manage identity and access Secure networking Secure compute, storage, and databases Manage security operations This Microsoft Exam Ref: Organizes its coverage by exam objectives Features strategic, what-if scenarios to challenge you Assumes you have experience in administration of Microsoft Azure and hybrid environments, and familiarity with compute, network, and storage in Azure and Microsoft Entra ID About the Exam Exam AZ-500 focuses on knowledge needed to manage Microsoft Entra identities, authentication, authorization, and application access; plan and implement security for virtual networks, as well as for private and public access to Azure resources; plan and implement advanced security for compute, storage, Azure SQL Database, and Azure SQL managed instance; plan, implement, and manage governance for security, manage security posture and configure and manage threat protection using Microsoft Defender for Cloud, and configure and manage security monitoring and automation solutions. About Microsoft Certification Passing this exam fulfills your requirements for the Microsoft Certified: Azure Security Engineer Associate credential, demonstrating your expertise as an Azure Security Engineer capable of managing an organization’s security posture, identifying, and remediating vulnerabilities, performing threat modeling, implementing threat protection, responding to security incident escalations, and participating in the planning and implementation of cloud-based management and security. See full details at: microsoft.com/learn |
| defender external attack surface management: Microsoft Unified XDR and SIEM Solution Handbook Raghu Boddu, Sami Lamppu, 2024-02-29 A practical guide to deploying, managing, and leveraging the power of Microsoft's unified security solution Key Features Learn how to leverage Microsoft's XDR and SIEM for long-term resilience Explore ways to elevate your security posture using Microsoft Defender tools such as MDI, MDE, MDO, MDA, and MDC Discover strategies for proactive threat hunting and rapid incident response Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionTired of dealing with fragmented security tools and navigating endless threat escalations? Take charge of your cyber defenses with the power of Microsoft's unified XDR and SIEM solution. This comprehensive guide offers an actionable roadmap to implementing, managing, and leveraging the full potential of the powerful unified XDR + SIEM solution, starting with an overview of Zero Trust principles and the necessity of XDR + SIEM solutions in modern cybersecurity. From understanding concepts like EDR, MDR, and NDR and the benefits of the unified XDR + SIEM solution for SOC modernization to threat scenarios and response, you’ll gain real-world insights and strategies for addressing security vulnerabilities. Additionally, the book will show you how to enhance Secure Score, outline implementation strategies and best practices, and emphasize the value of managed XDR and SIEM solutions. That’s not all; you’ll also find resources for staying updated in the dynamic cybersecurity landscape. By the end of this insightful guide, you'll have a comprehensive understanding of XDR, SIEM, and Microsoft's unified solution to elevate your overall security posture and protect your organization more effectively.What you will learn Optimize your security posture by mastering Microsoft's robust and unified solution Understand the synergy between Microsoft Defender's integrated tools and Sentinel SIEM and SOAR Explore practical use cases and case studies to improve your security posture See how Microsoft's XDR and SIEM proactively disrupt attacks, with examples Implement XDR and SIEM, incorporating assessments and best practices Discover the benefits of managed XDR and SOC services for enhanced protection Who this book is for This comprehensive guide is your key to unlocking the power of Microsoft's unified XDR and SIEM offering. Whether you're a cybersecurity pro, incident responder, SOC analyst, or simply curious about these technologies, this book has you covered. CISOs, IT leaders, and security professionals will gain actionable insights to evaluate and optimize their security architecture with Microsoft's integrated solution. This book will also assist modernization-minded organizations to maximize existing licenses for a more robust security posture. |
| defender external attack surface management: The Defender’s Dilemma Martin C. Libicki, Lillian Ablon, Tim Webb, 2015-06-10 Cybersecurity is a constant, and, by all accounts growing, challenge. This report, the second in a multiphase study on the future of cybersecurity, reveals perspectives and perceptions from chief information security officers; examines the development of network defense measures—and the countermeasures that attackers create to subvert those measures; and explores the role of software vulnerabilities and inherent weaknesses. |
| defender external attack surface management: Proceedings of the Future Technologies Conference (FTC) 2024, Volume 2 Kohei Arai, |
| defender external attack surface management: Design and Deploy Microsoft Defender for IoT Puthiyavan Udayakumar, |
| defender external attack surface management: Ultimate Microsoft Cybersecurity Architect SC-100 Exam Guide Dr. K.V.N. Rajesh, 2024-05-24 TAGLINE Master Cybersecurity with SC-100: Your Path to Becoming a Certified Architect! KEY FEATURES ● Comprehensive coverage of SC-100 exam objectives and topics ● Real-world case studies for hands-on cybersecurity application ● Practical insights to master and crack the SC-100 certification to advance your career DESCRIPTION Ultimate Microsoft Cybersecurity Architect SC-100 Exam Guide is your definitive resource for mastering the SC-100 exam and advancing your career in cybersecurity. This comprehensive resource covers all exam objectives in detail, equipping you with the knowledge and skills needed to design and implement effective security solutions. Clear explanations and practical examples ensure you grasp key concepts such as threat modeling, security operations, and identity management. In addition to theoretical knowledge, the book includes real-world case studies and hands-on exercises to help you apply what you’ve learned in practical scenarios. Whether you are an experienced security professional seeking to validate your skills with the SC-100 certification or a newcomer aiming to enter the field, this resource is an invaluable tool. By equipping you with essential knowledge and practical expertise, it aids in your job role by enhancing your ability to protect and secure your organization’s critical assets. With this guide, you will be well on your way to becoming a certified cybersecurity architect. WHAT WILL YOU LEARN ● Design and implement comprehensive cybersecurity architectures and solutions. ● Conduct thorough threat modeling and detailed risk assessments. ● Develop and manage effective security operations and incident response plans. ● Implement and maintain advanced identity and access control systems. ● Apply industry best practices for securing networks, data, and applications. ● Prepare confidently and thoroughly for the SC-100 certification exam. ● Integrate Microsoft security technologies into your cybersecurity strategies. ● Analyze and mitigate cybersecurity threats using real-world scenarios. WHO IS THIS BOOK FOR? This book is tailored for IT professionals, security analysts, administrators, and network professionals seeking to enhance their cybersecurity expertise and advance their careers through SC-100 certification. Individuals with foundational knowledge in cybersecurity principles, including experience in security operations, identity management, and network security, will find this book invaluable for learning industry best practices and practical applications on their path to mastering the field. TABLE OF CONTENTS 1. Zero Trust Frameworks and Best Practices Simplified 2. Cloud Blueprint-Conforming Solutions 3. Microsoft Security Framework-Compliant Solutions 4. Cybersecurity Threat Resilience Design 5. Compliance-Driven Solution Architecture 6. Identity and Access Control Design 7. Designing Access Security for High-Privilege Users 8. Security Operations Design 9. Microsoft 365 Security Design 10. Application Security Design 11. Data Protection Strategy Development 12. Security Specifications for Cloud Services 13. Hybrid and Multi-Cloud Security Framework 14. Secure Endpoint Solution Design 15. Secure Network Design Index |
| defender external attack surface management: Exam Ref SC-900 Microsoft Security, Compliance, and Identity Fundamentals Yuri Diogenes, Nicholas DiCola, Mark Morowczynski, Kevin McKinnerney, 2024-04-22 Prepare for Microsoft Exam SC-900 and demonstrate your real-world knowledge of the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services. Designed for business stakeholders, new and existing IT professionals, functional consultants, and students, this Exam Ref focuses on the critical thinking and decision-making acumen needed for success at the Microsoft Certified: Security, Compliance, and Identity Fundamentals level. Focus on the expertise measured by these objectives: Describe the concepts of security, compliance, and identity Describe the capabilities of Microsoft identity and access management solutions Describe the capabilities of Microsoft security solutions Describe the capabilities of Microsoft compliance solutions This Microsoft Exam Ref: Organizes its coverage by exam objectives Features strategic, what-if scenarios to challenge you Assumes you are a business user, stakeholder, consultant, professional, or student who wants to create holistic, end-to-end solutions with Microsoft security, compliance, and identity technologies |
| defender external attack surface management: NetAdmin 網管人 09月號/2022 第200期 網管人編輯部, 2022-09-02 封面故事 資料驅動營運 自助AI成形 Data Fabric建構抽象整合層 混合多雲孤島資料重現價值 文◎洪羿漣 隨著營運產生的結構與非結構化資料快速增長,企業一方面運用傳統資料倉儲(Data Warehouse)彙整各式業務應用系統的關聯式資料庫,同時擴展整合大數據(Big Data)平台甚至是資料湖(Data Lake),以提供資料科學家、機器學習工程師等協同第一線業務部門進行商業智慧分析,藉由科學數據輔助洞察市場變化、提高產品品質等關鍵要素來提升營運競爭力。 然而當前混合雲/多雲的應用場景讓資料架構變得更加分散,使得資料孤島(Silo)問題再次浮上檯面,驅使IT領域興起運用Data Fabric架構,亦即基於檔案之間的Metadata建立虛擬連結、知識圖譜(Knowledge Graph)、自助服務機制,甚至制定資料治理策略,讓資料無須搬移即可提供資料科學家調用發揮商業價值。 專題報導 落實數位永續 雲優勢浮現 延伸資料框架實現雙軸轉型 上雲轉嫁淨零風險與負擔 文◎余采霏 在數位潮流、新冠疫情以及氣候變遷等多重影響下,數位轉型與淨零排放已成為企業不得不面對的課題,不僅必須打造更好的競爭優勢與使用體驗,同時兼顧減碳與提升能源使用效率,才能應對全球日益激烈競爭以及環境永續要求。如何將ESG(環境、社會、治理)納入數位轉型考量,讓這兩者平衡發展,已成為企業亟需面對的一大挑戰。 在新興的數位科技應用中,雲端技術與服務運用儼然已成為企業的重要策略之一,業界專家甚至認為,雲端運算將是協助企業更進一步走向淨零的絕對路徑。根據埃森哲(Accenture)調查,將地端IT基礎架構遷移到雲運算的企業,平均可減少84%的碳足跡。針對所謂全雲(Whole Cloud)市場,包含雲端服務、支撐雲端供應鏈基礎的硬體與軟體元件以及雲端相關的專業/代管服務等,調研機構IDC也預估全球的總支出將在2025年上看1.3兆美元,年複合成長率達16.9%。 數位與淨零的雙軸轉型已漸成趨勢,本期專題將邀請業界專家探討如何善用雲端邁向低碳永續時代,同時也將討論到產業現況以及資料在雙軸轉型中扮演的核心角色。 產業趨勢 身分存取安全持續演進 無密碼零信任成顯學 IAM技術發展兵分二路 特權帳號及身分治理正當紅 文◎曾瀞瑩 IAM為一套完整的身分存取安全策略、流程及工具,協助企業掌握用戶存取狀況,並依人員角色配置適當的權限,確保資源的存取是在合理的時間授權給具備資格的用戶,保護內部機敏資料,避免遭未經授權的攻擊者入侵;同時確認用戶角色與存取資源的關係是否匹配,以進行即時的存取權限調整。主要又可分成存取安全(Access Management,AM)與身分安全(Identity Management,IM)兩個子類別,隨著攻擊事件的演變,隱藏於身分安全更細部的問題逐漸浮出水面,為了解決造成攻擊發生的根源,因而發展出特權帳號管理(Privileged Access Management,PAM)和身分治理(Identity Governance and Administration,IGA)等解決方案。 深度觀點 惡意郵件再掀加密新伎倆 HTML附檔詐用瀏覽器 ASRC 2022上半年電子郵件安全觀察報告出爐 文◎高銘鍾 2022年第一季,所有企業都能明顯感覺到的威脅郵件,即是Emotet的濫發。Emotet的濫發,使用了各種藏匿及混淆的手段,用以躲避防毒及資安防護軟體的檢測,而其中最重要的一個手段就是「壓縮加密」。過去,在傳輸檔案前先經過「壓縮加密」,多半是為了保護機敏文件在傳輸過程中,不被傳遞管道的中間人取得或窺探的防護手段;而現在,卻經常成為惡意程式用以躲避資安檢測的保護傘。 第二季的電子郵件攻擊,以釣魚郵件占多數,其次是帶有加密病毒附件檔的郵件,其數量較第一季約成長四倍。透過大量連線攻擊的次數則約為第一季的兩倍。上半年觀察到「加密」手段及Follina漏洞的利用,至截稿前都沒有明顯趨緩的態勢。前者多半用於無針對性的廣泛攻擊,後者則多為國家級APT愛用的手法,值得大家留意後續的利用與發展。 技術論壇 開源入侵偵測系統AIDE 監控主機狀態警示攻擊 持續檢查檔案完整性 即時偵測系統異常變動 文◎吳惠麟 對於系統管理者而言,除了網路或服務中斷的災難外,另外一個最大的惡夢來源是系統被入侵而不自知。也因此,一般系統除了會部署防火牆(Firewall)設備外,通常也會部署入侵偵測系統(Intrusion Detection System,IDS)來偵測是否有惡意的行為正在攻擊系統。 以部署的類型來區分。入侵偵測系統大致可分為網路型入侵偵測系統(Network-based Intrusion Detection System,NIDS)及主機型入侵偵測系統(Host-based Intrusion Detection System,HIDS)。 NIDS通常部署在網段的閘道(Gateway)位置,以規則樣式(Rule Base)的方式監控整個網段內的通訊封包,並比對是否具有惡意的攻擊樣式,一旦發現具有惡意的攻擊行為正在進行,就會即時記錄該行為,甚至直接阻擋該來源的連線。此類設備部署較為簡單,僅須部署在網路的匝道上解析網段內的封包即可。 而HIDS是直接安裝在個別主機上,藉由監控主機上的系統資源如檔案紀錄檔或程序(Process)的變化來判別是否有惡意的行為,並採取適當的行動來防止相關的危害。 技術論壇 做好事前準備功課 無痛升級vSphere 7 虛擬化產品進入世代交替 舊版技術支援逐步終止 文◎王偉任 在企業和組織當中主流的vSphere 6.x虛擬化版本,無論是ESXi 6.x虛擬化平台、vCenter Server 6.x管理平台或vSAN 6.x超融合平台等等,即將在2022年10月15日達到「一般支援結束」(End Of General Support,EOGS)階段,改為進入下一個「技術指導結束」(End Of Technical Guidance,EOTG)階段。 所謂產品到達EOGS階段時,並不表示該版本的產品完全停止支援,在有限制的條件之下,VMware官方還是會提供一定程度的支援,但是大部分情況下給予的建議和解決方式都會是升級至新版本。 簡單來說,當產品到達EOGS一般支援結束階段時,便進入下一個生命週期EOTG技術指導階段,在這段期間以自助式入口網站方式提供技術支援,但是不提供電話線上支援,使用者可以透過線上提交SR的方式獲得支援,一旦到達EOTG技術指導階段結束後進入End of Support階段,該產品便完全停止支援。 |
| defender external attack surface management: Microsoft 365 Security Administration: MS-500 Exam Guide Peter Rising, 2020-06-19 Get up to speed with expert tips and techniques to help you prepare effectively for the MS-500 Exam Key FeaturesGet the right guidance and discover techniques to improve the effectiveness of your studying and prepare for the examExplore a wide variety of strategies for security and complianceGain knowledge that can be applied in real-world situationsBook Description The Microsoft 365 Security Administration (MS-500) exam is designed to measure your ability to perform technical tasks such as managing, implementing, and monitoring security and compliance solutions for Microsoft 365 environments. This book starts by showing you how to configure and administer identity and access within Microsoft 365. You will learn about hybrid identity, authentication methods, and conditional access policies with Microsoft Intune. Next, the book shows you how RBAC and Azure AD Identity Protection can be used to help you detect risks and secure information in your organization. You will also explore concepts, such as Advanced Threat Protection, Windows Defender ATP, and Threat Intelligence. As you progress, you will learn about additional tools and techniques to configure and manage Microsoft 365, including Azure Information Protection, Data Loss Prevention, and Cloud App Discovery and Security. The book also ensures you are well prepared to take the exam by giving you the opportunity to work through a mock paper, topic summaries, illustrations that briefly review key points, and real-world scenarios. By the end of this Microsoft 365 book, you will be able to apply your skills in the real world, while also being well prepared to achieve Microsoft certification. What you will learnGet up to speed with implementing and managing identity and accessUnderstand how to employ and manage threat protectionGet to grips with managing governance and compliance features in Microsoft 365Explore best practices for effective configuration and deploymentImplement and manage information protectionPrepare to pass the Microsoft exam and achieve certification with the help of self-assessment questions and a mock examWho this book is for This Microsoft certification book is designed to help IT professionals, administrators, or anyone looking to pursue a career in security administration by becoming certified with Microsoft's role-based qualification. Those trying to validate their skills and improve their competitive advantage with Microsoft 365 Security Administration will also find this book to be a useful resource. |
| defender external attack surface management: Microsoft Azure Security Center Yuri Diogenes, Tom Shinder, 2018-06-04 Discover high-value Azure security insights, tips, and operational optimizations This book presents comprehensive Azure Security Center techniques for safeguarding cloud and hybrid environments. Leading Microsoft security and cloud experts Yuri Diogenes and Dr. Thomas Shinder show how to apply Azure Security Center’s full spectrum of features and capabilities to address protection, detection, and response in key operational scenarios. You’ll learn how to secure any Azure workload, and optimize virtually all facets of modern security, from policies and identity to incident response and risk management. Whatever your role in Azure security, you’ll learn how to save hours, days, or even weeks by solving problems in most efficient, reliable ways possible. Two of Microsoft’s leading cloud security experts show how to: • Assess the impact of cloud and hybrid environments on security, compliance, operations, data protection, and risk management • Master a new security paradigm for a world without traditional perimeters • Gain visibility and control to secure compute, network, storage, and application workloads • Incorporate Azure Security Center into your security operations center • Integrate Azure Security Center with Azure AD Identity Protection Center and third-party solutions • Adapt Azure Security Center’s built-in policies and definitions for your organization • Perform security assessments and implement Azure Security Center recommendations • Use incident response features to detect, investigate, and address threats • Create high-fidelity fusion alerts to focus attention on your most urgent security issues • Implement application whitelisting and just-in-time VM access • Monitor user behavior and access, and investigate compromised or misused credentials • Customize and perform operating system security baseline assessments • Leverage integrated threat intelligence to identify known bad actors |
| defender external attack surface management: Microsoft Certified: Microsoft 365 Security Administrator Associate (MS-500) Cybellium, Welcome to the forefront of knowledge with Cybellium, your trusted partner in mastering the cutting-edge fields of IT, Artificial Intelligence, Cyber Security, Business, Economics and Science. Designed for professionals, students, and enthusiasts alike, our comprehensive books empower you to stay ahead in a rapidly evolving digital world. * Expert Insights: Our books provide deep, actionable insights that bridge the gap between theory and practical application. * Up-to-Date Content: Stay current with the latest advancements, trends, and best practices in IT, Al, Cybersecurity, Business, Economics and Science. Each guide is regularly updated to reflect the newest developments and challenges. * Comprehensive Coverage: Whether you're a beginner or an advanced learner, Cybellium books cover a wide range of topics, from foundational principles to specialized knowledge, tailored to your level of expertise. Become part of a global network of learners and professionals who trust Cybellium to guide their educational journey. www.cybellium.com |
| defender external attack surface management: FCC Record United States. Federal Communications Commission, 2016 |
| defender external attack surface management: Mathematics in Cyber Research Paul L. Goethals, Natalie M. Scala, Daniel T. Bennett, 2022-02-07 In the last decade, both scholars and practitioners have sought novel ways to address the problem of cybersecurity. Innovative outcomes have included applications such as blockchain as well as creative methods for cyber forensics, software development, and intrusion prevention. Accompanying these technological advancements, discussion on cyber matters at national and international levels has focused primarily on the topics of law, policy, and strategy. The objective of these efforts is typically to promote security by establishing agreements among stakeholders on regulatory activities. Varying levels of investment in cyberspace, however, comes with varying levels of risk; in some ways, this can translate directly to the degree of emphasis for pushing substantial change. At the very foundation or root of cyberspace systems and processes are tenets and rules governed by principles in mathematics. Topics such as encrypting or decrypting file transmissions, modeling networks, performing data analysis, quantifying uncertainty, measuring risk, and weighing decisions or adversarial courses of action represent a very small subset of activities highlighted by mathematics. To facilitate education and a greater awareness of the role of mathematics in cyber systems and processes, a description of research in this area is needed. Mathematics in Cyber Research aims to familiarize educators and young researchers with the breadth of mathematics in cyber-related research. Each chapter introduces a mathematical sub-field, describes relevant work in this field associated with the cyber domain, provides methods and tools, as well as details cyber research examples or case studies. Features One of the only books to bring together such a diverse and comprehensive range of topics within mathematics and apply them to cyber research. Suitable for college undergraduate students or educators that are either interested in learning about cyber-related mathematics or intend to perform research within the cyber domain. The book may also appeal to practitioners within the commercial or government industry sectors. Most national and international venues for collaboration and discussion on cyber matters have focused primarily on the topics of law, policy, strategy, and technology. This book is among the first to address the underpinning mathematics. |
| defender external attack surface management: Effective Model-Based Systems Engineering John M. Borky, Thomas H. Bradley, 2018-09-08 This textbook presents a proven, mature Model-Based Systems Engineering (MBSE) methodology that has delivered success in a wide range of system and enterprise programs. The authors introduce MBSE as the state of the practice in the vital Systems Engineering discipline that manages complexity and integrates technologies and design approaches to achieve effective, affordable, and balanced system solutions to the needs of a customer organization and its personnel. The book begins with a summary of the background and nature of MBSE. It summarizes the theory behind Object-Oriented Design applied to complex system architectures. It then walks through the phases of the MBSE methodology, using system examples to illustrate key points. Subsequent chapters broaden the application of MBSE in Service-Oriented Architectures (SOA), real-time systems, cybersecurity, networked enterprises, system simulations, and prototyping. The vital subject of system and architecture governance completes the discussion. The book features exercises at the end of each chapter intended to help readers/students focus on key points, as well as extensive appendices that furnish additional detail in particular areas. The self-contained text is ideal for students in a range of courses in systems architecture and MBSE as well as for practitioners seeking a highly practical presentation of MBSE principles and techniques. |
| defender external attack surface management: Network Security Assessment Chris R. McNab, Chris McNab, 2004 Covers offensive technologies by grouping and analyzing them at a higher level--from both an offensive and defensive standpoint--helping you design and deploy networks that are immune to offensive exploits, tools, and scripts. Chapters focus on the components of your network, the different services yourun, and how they can be attacked. Each chapter concludes with advice to network defenders on how to beat the attacks. |
| defender external attack surface management: The Animal's Defender and Zoophilist , 1888 |
| defender external attack surface management: Israel and the Cyber Threat Charles D. Freilich, Matthew S. Cohen, Gabi Siboni, 2023 This book offers the first comprehensive examination of Israeli policies and practice in both the civil and military cyber realms and insights into what other countries can learn from its experience. The book is designed for cyber theorists and practitioners, people interested in the Middle East, and general audiences. It explores how and why Israel has become a global cyber power, despite its small size, arguing that a combination of strategic and economic necessity, along with an innovative culture, has driven Israel's success. The Israeli cyber experience is studied in the lens of realist and constructivist international relations theories and analyzes many of the major quandaries facing cyber theorists and practitioners alike. The book focuses both on Israel's civil and military cyber strategies, including the organizational structures and policies it has put in place, national capacity building, including the unique contribution of the IDF and defense establishment to Israel's cyber ecosystem, and international cyber cooperation. It presents a comprehensive picture all significant cyber attacks conducted against Israel, including a comprehensive picture of Iran's cyber policies, institutions and capabilities. Particular attention is devoted to Israel's military cyber response, including the cyber attacks it has known to have conducted. Each chapter takes an in depth look at the major actions Israel has taken in a different dimension of the cyber realm, placing them in a broader context to help readers understand state behavior in the cyber realm generally. The book concludes with the first proposal for a comprehensive Israeli national cyber strategy-- |
| defender external attack surface management: Managing the Insider Threat Nick Catrantzos, 2022-11-30 Managing the Insider Threat: No Dark Corners and the Rising Tide Menace, Second Edition follows up on the success of – and insight provided by – the first edition, reframing the insider threat by distinguishing between sudden impact and slow onset (aka “rising tide”) insider attacks. This edition is fully updated with coverage from the previous edition having undergone extensive review and revision, including updating citations and publications that have been published in the last decade. Three new chapters drill down into the advanced exploration of rising tide threats, examining the nuanced complexities and presenting new tools such as the loyalty ledger (Chapter 10) and intensity scale (Chapter 11). New explorations of ambiguous situations and options for thwarting hostile insiders touch on examples that call for tolerance, friction, or radical turnaround (Chapter 11). Additionally, a more oblique discussion (Chapter 12) explores alternatives for bolstering organizational resilience in circumstances where internal threats show signs of gaining ascendancy over external ones, hence a need for defenders to promote clearer thinking as a means of enhancing resilience against hostile insiders. Coverage goes on to identify counters to such pitfalls, called lifelines, providing examples of questions rephrased to encourage clear thinking and reasoned debate without inviting emotional speech that derails both. The goal is to redirect hostile insiders, thereby offering alternatives to bolstering organizational resilience – particularly in circumstances where internal threats show signs of gaining ascendancy over external ones, hence a need for defenders to promote clearer thinking as a means of enhancing resilience against hostile insiders. Defenders of institutions and observers of human rascality will find, in Managing the Insider Threat, Second Edition, new tools and applications for the No Dark Corners approach to countering a vexing predicament that seems to be increasing in frequency, scope, and menace. |
| defender external attack surface management: The Digital Supply Chain Bart L. MacCarthy, Dmitry Ivanov, 2022-06-09 The Digital Supply Chain is a thorough investigation of the underpinning technologies, systems, platforms and models that enable the design, management, and control of digitally connected supply chains. The book examines the origin, emergence and building blocks of the Digital Supply Chain, showing how and where the virtual and physical supply chain worlds interact. It reviews the enabling technologies that underpin digitally controlled supply chains and examines how the discipline of supply chain management is affected by enhanced digital connectivity, discussing purchasing and procurement, supply chain traceability, performance management, and supply chain cyber security. The book provides a rich set of cases on current digital practices and challenges across a range of industrial and business sectors including the retail, textiles and clothing, the automotive industry, food, shipping and international logistics, and SMEs. It concludes with research frontiers, discussing network science for supply chain analysis, challenges in Blockchain applications and in digital supply chain surveillance, as well as the need to re-conceptualize supply chain strategies for digitally transformed supply chains. |
| defender external attack surface management: Penetration Testing Azure for Ethical Hackers David Okeyode, Karl Fosaaen, Charles Horton, 2021-11-25 Simulate real-world attacks using tactics, techniques, and procedures that adversaries use during cloud breaches Key FeaturesUnderstand the different Azure attack techniques and methodologies used by hackersFind out how you can ensure end-to-end cybersecurity in the Azure ecosystemDiscover various tools and techniques to perform successful penetration tests on your Azure infrastructureBook Description “If you're looking for this book, you need it.” — 5* Amazon Review Curious about how safe Azure really is? Put your knowledge to work with this practical guide to penetration testing. This book offers a no-faff, hands-on approach to exploring Azure penetration testing methodologies, which will get up and running in no time with the help of real-world examples, scripts, and ready-to-use source code. As you learn about the Microsoft Azure platform and understand how hackers can attack resources hosted in the Azure cloud, you'll find out how to protect your environment by identifying vulnerabilities, along with extending your pentesting tools and capabilities. First, you'll be taken through the prerequisites for pentesting Azure and shown how to set up a pentesting lab. You'll then simulate attacks on Azure assets such as web applications and virtual machines from anonymous and authenticated perspectives. In the later chapters, you'll learn about the opportunities for privilege escalation in Azure tenants and ways in which an attacker can create persistent access to an environment. By the end of this book, you'll be able to leverage your ethical hacking skills to identify and implement different tools and techniques to perform successful penetration tests on your own Azure infrastructure. What you will learnIdentify how administrators misconfigure Azure services, leaving them open to exploitationUnderstand how to detect cloud infrastructure, service, and application misconfigurationsExplore processes and techniques for exploiting common Azure security issuesUse on-premises networks to pivot and escalate access within AzureDiagnose gaps and weaknesses in Azure security implementationsUnderstand how attackers can escalate privileges in Azure ADWho this book is for This book is for new and experienced infosec enthusiasts who want to learn how to simulate real-world Azure attacks using tactics, techniques, and procedures (TTPs) that adversaries use in cloud breaches. Any technology professional working with the Azure platform (including Azure administrators, developers, and DevOps engineers) interested in learning how attackers exploit vulnerabilities in Azure hosted infrastructure, applications, and services will find this book useful. |
| defender external attack surface management: MCE Microsoft Certified Expert Cybersecurity Architect Study Guide Kathiravan Udayakumar, Puthiyavan Udayakumar, 2023-04-12 Prep for the SC-100 exam like a pro with Sybex’ latest Study Guide In the MCE Microsoft Certified Expert Cybersecurity Architect Study Guide: Exam SC-100, a team of dedicated software architects delivers an authoritative and easy-to-follow guide to preparing for the SC-100 Cybersecurity Architect certification exam offered by Microsoft. In the book, you’ll find comprehensive coverage of the objectives tested by the exam, covering the evaluation of Governance Risk Compliance technical and security operations strategies, the design of Zero Trust strategies and architectures, and data and application strategy design. With the information provided by the authors, you’ll be prepared for your first day in a new role as a cybersecurity architect, gaining practical, hands-on skills with modern Azure deployments. You’ll also find: In-depth discussions of every single objective covered by the SC-100 exam and, by extension, the skills necessary to succeed as a Microsoft cybersecurity architect Critical information to help you obtain a widely sought-after credential that is increasingly popular across the industry (especially in government roles) Valuable online study tools, including hundreds of bonus practice exam questions, electronic flashcards, and a searchable glossary of crucial technical terms An essential roadmap to the SC-100 exam and a new career in cybersecurity architecture on the Microsoft Azure cloud platform, MCE Microsoft Certified Expert Cybersecurity Architect Study Guide: Exam SC-100 is also ideal for anyone seeking to improve their knowledge and understanding of cloud-based management and security. |
| defender external attack surface management: The Perfect Weapon David E. Sanger, 2018-06-19 NOW AN HBO® DOCUMENTARY FROM AWARD-WINNING DIRECTOR JOHN MAGGIO • “An important—and deeply sobering—new book about cyberwarfare” (Nicholas Kristof, New York Times), now updated with a new chapter. The Perfect Weapon is the startling inside story of how the rise of cyberweapons transformed geopolitics like nothing since the invention of the atomic bomb. Cheap to acquire, easy to deny, and usable for a variety of malicious purposes, cyber is now the weapon of choice for democracies, dictators, and terrorists. Two presidents—Bush and Obama—drew first blood with Operation Olympic Games, which used malicious code to blow up Iran’s nuclear centrifuges, and yet America proved remarkably unprepared when its own weapons were stolen from its arsenal and, during President Trump’s first year, turned back on the United States and its allies. And if Obama would begin his presidency by helping to launch the new era of cyberwar, he would end it struggling unsuccessfully to defend the 2016 U.S. election from interference by Russia, with Vladimir Putin drawing on the same playbook he used to destabilize Ukraine. Moving from the White House Situation Room to the dens of Chinese government hackers to the boardrooms of Silicon Valley, New York Times national security correspondent David Sanger reveals a world coming face-to-face with the perils of technological revolution, where everyone is a target. “Timely and bracing . . . With the deep knowledge and bright clarity that have long characterized his work, Sanger recounts the cunning and dangerous development of cyberspace into the global battlefield of the twenty-first century.”—Washington Post |
| defender external attack surface management: Command Of The Air General Giulio Douhet, 2014-08-15 In the pantheon of air power spokesmen, Giulio Douhet holds center stage. His writings, more often cited than perhaps actually read, appear as excerpts and aphorisms in the writings of numerous other air power spokesmen, advocates-and critics. Though a highly controversial figure, the very controversy that surrounds him offers to us a testimonial of the value and depth of his work, and the need for airmen today to become familiar with his thought. The progressive development of air power to the point where, today, it is more correct to refer to aerospace power has not outdated the notions of Douhet in the slightest In fact, in many ways, the kinds of technological capabilities that we enjoy as a global air power provider attest to the breadth of his vision. Douhet, together with Hugh “Boom” Trenchard of Great Britain and William “Billy” Mitchell of the United States, is justly recognized as one of the three great spokesmen of the early air power era. This reprint is offered in the spirit of continuing the dialogue that Douhet himself so perceptively began with the first edition of this book, published in 1921. Readers may well find much that they disagree with in this book, but also much that is of enduring value. The vital necessity of Douhet’s central vision-that command of the air is all important in modern warfare-has been proven throughout the history of wars in this century, from the fighting over the Somme to the air war over Kuwait and Iraq. |
| defender external attack surface management: Moving Target Defense Sushil Jajodia, Anup K. Ghosh, Vipin Swarup, Cliff Wang, X. Sean Wang, 2011-08-26 Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats was developed by a group of leading researchers. It describes the fundamental challenges facing the research community and identifies new promising solution paths. Moving Target Defense which is motivated by the asymmetric costs borne by cyber defenders takes an advantage afforded to attackers and reverses it to advantage defenders. Moving Target Defense is enabled by technical trends in recent years, including virtualization and workload migration on commodity systems, widespread and redundant network connectivity, instruction set and address space layout randomization, just-in-time compilers, among other techniques. However, many challenging research problems remain to be solved, such as the security of virtualization infrastructures, secure and resilient techniques to move systems within a virtualized environment, automatic diversification techniques, automated ways to dynamically change and manage the configurations of systems and networks, quantification of security improvement, potential degradation and more. Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats is designed for advanced -level students and researchers focused on computer science, and as a secondary text book or reference. Professionals working in this field will also find this book valuable. |
| defender external attack surface management: NETWORKING 2011 Jordi Domingo-Pascual, Pietro Manzoni, Sergio Palazzo, Ana Pont, Caterina Scoglio, 2011-04-28 The two-volume set LNCS 6640 and 6641 constitutes the refereed proceedings of the 10th International IFIP TC 6 Networking Conference held in Valencia, Spain, in May 2011. The 64 revised full papers presented were carefully reviewed and selected from a total of 294 submissions. The papers feature innovative research in the areas of applications and services, next generation Internet, wireless and sensor networks, and network science. The first volume includes 36 papers and is organized in topical sections on anomaly detection, content management, DTN and sensor networks, energy efficiency, mobility modeling, network science, network topology configuration, next generation Internet, and path diversity. |
| defender external attack surface management: Microsoft Azure Security Infrastructure Yuri Diogenes, Tom Shinder, Debra Shinder, 2016-08-19 This is the eBook of the printed book and may not include any media, website access codes, or print supplements that may come packaged with the bound book. Implement maximum control, security, and compliance processes in Azure cloud environments In Microsoft Azure Security Infrastructure,1/e three leading experts show how to plan, deploy, and operate Microsoft Azure with outstanding levels of control, security, and compliance. You’ll learn how to prepare infrastructure with Microsoft’s integrated tools, prebuilt templates, and managed services–and use these to help safely build and manage any enterprise, mobile, web, or Internet of Things (IoT) system. The authors guide you through enforcing, managing, and verifying robust security at physical, network, host, application, and data layers. You’ll learn best practices for security-aware deployment, operational management, threat mitigation, and continuous improvement–so you can help protect all your data, make services resilient to attack, and stay in control no matter how your cloud systems evolve. Three Microsoft Azure experts show you how to: • Understand cloud security boundaries and responsibilities • Plan for compliance, risk management, identity/access management, operational security, and endpoint and data protection • Explore Azure’s defense-in-depth security architecture • Use Azure network security patterns and best practices • Help safeguard data via encryption, storage redundancy, rights management, database security, and storage security • Help protect virtual machines with Microsoft Antimalware for Azure Cloud Services and Virtual Machines • Use the Microsoft Azure Key Vault service to help secure cryptographic keys and other confidential information • Monitor and help protect Azure and on-premises resources with Azure Security Center and Operations Management Suite • Effectively model threats and plan protection for IoT systems • Use Azure security tools for operations, incident response, and forensic investigation |
| defender external attack surface management: Industrial Cybersecurity Pascal Ackerman, 2021-10-07 A second edition filled with new and improved content, taking your ICS cybersecurity journey to the next level Key Features Architect, design, and build ICS networks with security in mind Perform a variety of security assessments, checks, and verifications Ensure that your security processes are effective, complete, and relevant Book DescriptionWith Industrial Control Systems (ICS) expanding into traditional IT space and even into the cloud, the attack surface of ICS environments has increased significantly, making it crucial to recognize your ICS vulnerabilities and implement advanced techniques for monitoring and defending against rapidly evolving cyber threats to critical infrastructure. This second edition covers the updated Industrial Demilitarized Zone (IDMZ) architecture and shows you how to implement, verify, and monitor a holistic security program for your ICS environment. You'll begin by learning how to design security-oriented architecture that allows you to implement the tools, techniques, and activities covered in this book effectively and easily. You'll get to grips with the monitoring, tracking, and trending (visualizing) and procedures of ICS cybersecurity risks as well as understand the overall security program and posture/hygiene of the ICS environment. The book then introduces you to threat hunting principles, tools, and techniques to help you identify malicious activity successfully. Finally, you'll work with incident response and incident recovery tools and techniques in an ICS environment. By the end of this book, you'll have gained a solid understanding of industrial cybersecurity monitoring, assessments, incident response activities, as well as threat hunting.What you will learn Monitor the ICS security posture actively as well as passively Respond to incidents in a controlled and standard way Understand what incident response activities are required in your ICS environment Perform threat-hunting exercises using the Elasticsearch, Logstash, and Kibana (ELK) stack Assess the overall effectiveness of your ICS cybersecurity program Discover tools, techniques, methodologies, and activities to perform risk assessments for your ICS environment Who this book is for If you are an ICS security professional or anyone curious about ICS cybersecurity for extending, improving, monitoring, and validating your ICS cybersecurity posture, then this book is for you. IT/OT professionals interested in entering the ICS cybersecurity monitoring domain or searching for additional learning material for different industry-leading cybersecurity certifications will also find this book useful. |
| defender external attack surface management: Introducing Windows 10 for IT Professionals Ed Bott, 2016-02-18 Get a head start evaluating Windows 10--with technical insights from award-winning journalist and Windows expert Ed Bott. This guide introduces new features and capabilities, providing a practical, high-level overview for IT professionals ready to begin deployment planning now. This edition was written after the release of Windows 10 version 1511 in November 2015 and includes all of its enterprise-focused features. The goal of this book is to help you sort out what’s new in Windows 10, with a special emphasis on features that are different from the Windows versions you and your organization are using today, starting with an overview of the operating system, describing the many changes to the user experience, and diving deep into deployment and management tools where it’s necessary. |
| defender external attack surface management: The Basics of Hacking and Penetration Testing Patrick Engebretson, 2013-06-24 The Basics of Hacking and Penetration Testing, Second Edition, serves as an introduction to the steps required to complete a penetration test or perform an ethical hack from beginning to end. The book teaches students how to properly utilize and interpret the results of the modern-day hacking tools required to complete a penetration test. It provides a simple and clean explanation of how to effectively utilize these tools, along with a four-step methodology for conducting a penetration test or hack, thus equipping students with the know-how required to jump start their careers and gain a better understanding of offensive security.Each chapter contains hands-on examples and exercises that are designed to teach learners how to interpret results and utilize those results in later phases. Tool coverage includes: Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, and Hacker Defender rootkit. This is complemented by PowerPoint slides for use in class.This book is an ideal resource for security consultants, beginning InfoSec professionals, and students. - Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phases - Written by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, and Ethical Hacking, and Exploitation classes at Dakota State University - Utilizes the Kali Linux distribution and focuses on the seminal tools required to complete a penetration test |
| defender external attack surface management: Microsoft Defender for Endpoint in Depth Paul Huijbregts, Joe Anich, Justen Graves, 2023-03-03 Gain an in-depth understanding of Microsoft Defender 365, explore its features, and learn successful implementation strategies with this expert-led practitioner's guide. Key Features Understand the history of MDE, its capabilities, and how you can keep your organization secure Learn to implement, operationalize, and troubleshoot MDE from both IT and SecOps perspectives Leverage useful commands, tips, tricks, and real-world insights shared by industry experts Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionWith all organizational data and trade secrets being digitized, the threat of data compromise, unauthorized access, and cyberattacks has increased exponentially. Microsoft Defender for Endpoint (MDE) is a market-leading cross-platform endpoint security solution that enables you to prevent, detect, investigate, and respond to threats. MDE helps strengthen the security posture of your organization. This book starts with a history of the product and a primer on its various features. From prevention to attack surface reduction, detection, and response, you’ll learn about the features, their applicability, common misconceptions, and caveats. After planning, preparation, deployment, and configuration toward successful implementation, you’ll be taken through a day in the life of a security analyst working with the product. You’ll uncover common issues, techniques, and tools used for troubleshooting along with answers to some of the most common challenges cybersecurity professionals face. Finally, the book will wrap up with a reference guide with tips and tricks to maintain a strong cybersecurity posture. By the end of the book, you’ll have a deep understanding of Microsoft Defender for Endpoint and be well equipped to keep your organization safe from different forms of cyber threats.What you will learn Understand the backstory of Microsoft Defender for Endpoint Discover different features, their applicability, and caveats Prepare and plan a rollout within an organization Explore tools and methods to successfully operationalize the product Implement continuous operations and improvement to your security posture Get to grips with the day-to-day of SecOps teams operating the product Deal with common issues using various techniques and tools Uncover commonly used commands, tips, and tricks Who this book is for This book is for cybersecurity professionals and incident responders looking to increase their knowledge of MDE and its underlying components while learning to prepare, deploy, and operationalize the product. A basic understanding of general systems management, administration, endpoint security, security baselines, and basic networking is required. |
| defender external attack surface management: Glossary of Key Information Security Terms Richard Kissel, 2011-05 This glossary provides a central resource of definitions most commonly used in Nat. Institute of Standards and Technology (NIST) information security publications and in the Committee for National Security Systems (CNSS) information assurance publications. Each entry in the glossary points to one or more source NIST publications, and/or CNSSI-4009, and/or supplemental sources where appropriate. This is a print on demand edition of an important, hard-to-find publication. |
| defender external attack surface management: Learning Microsoft Endpoint Manager Scott Duffey, 2021-03-08 The first-ever book on Microsoft Endpoint Manager (MEM), written by Microsoft Program Manager Scott Duffey! Did you just land an IT job only to learn your new employer is using Microsoft Endpoint Manager (MEM) for device management? Perhaps you stretched the truth on your resume and suggested you knew it already? Maybe you are an old-hat, know-your-stuff device management pro for another MDM or PC management product but your company is now migrating? Whatever the case, this book will be your zero-to-hero ramp-up guide. Microsoft Endpoint Manager has rapidly become the tool of choice for IT professionals around the world for managing corporate and personal devices but the learning curve can be steep. This book can be used to fast-track your understanding of MEM by laying out the concepts, including examples and tips for the real world, along with guided lab exercises. Topics include: • Microsoft Endpoint Manager – What it is and how to use it. • How to set up a MEM learning environment. • Mobile Device Management (MDM) for iOS, macOS, Android, and Windows 10 devices with Microsoft Intune. • Device enrollment concepts for Personal and Corporate. devices including Windows Autopilot, Apple Automated Device Enrollment (ADE), and Google ZeroTouch • Endpoint Security configuration in MEM including device Compliance and Azure AD Conditional Access across Microsoft Intune, Configuration Manager, Azure AD, Microsoft Defender for Endpoint, and Office 365. • Deploying, protecting, and configuring mobile and desktop applications with Microsoft Intune. |
| defender external attack surface management: Microsoft Sentinel in Action Richard Diver, Gary Bushey, John Perkins, 2022-02-10 Learn how to set up, configure, and use Microsoft Sentinel to provide security incident and event management services for your multi-cloud environment Key FeaturesCollect, normalize, and analyze security information from multiple data sourcesIntegrate AI, machine learning, built-in and custom threat analyses, and automation to build optimal security solutionsDetect and investigate possible security breaches to tackle complex and advanced cyber threatsBook Description Microsoft Sentinel is a security information and event management (SIEM) tool developed by Microsoft that helps you integrate cloud security and artificial intelligence (AI). This book will teach you how to implement Microsoft Sentinel and understand how it can help detect security incidents in your environment with integrated AI, threat analysis, and built-in and community-driven logic. The first part of this book will introduce you to Microsoft Sentinel and Log Analytics, then move on to understanding data collection and management, as well as how to create effective Microsoft Sentinel queries to detect anomalous behaviors and activity patterns. The next part will focus on useful features, such as entity behavior analytics and Microsoft Sentinel playbooks, along with exploring the new bi-directional connector for ServiceNow. In the next part, you'll be learning how to develop solutions that automate responses needed to handle security incidents and find out more about the latest developments in security, techniques to enhance your cloud security architecture, and explore how you can contribute to the security community. By the end of this book, you'll have learned how to implement Microsoft Sentinel to fit your needs and protect your environment from cyber threats and other security issues. What you will learnImplement Log Analytics and enable Microsoft Sentinel and data ingestion from multiple sourcesTackle Kusto Query Language (KQL) codingDiscover how to carry out threat hunting activities in Microsoft SentinelConnect Microsoft Sentinel to ServiceNow for automated ticketingFind out how to detect threats and create automated responses for immediate resolutionUse triggers and actions with Microsoft Sentinel playbooks to perform automationsWho this book is for You'll get the most out of this book if you have a good grasp on other Microsoft security products and Azure, and are now looking to expand your knowledge to incorporate Microsoft Sentinel. Security experts who use an alternative SIEM tool and want to adopt Microsoft Sentinel as an additional or a replacement service will also find this book useful. |
Boats & Motors | Defender Marine
Shop boats, motors, outboards and more from Defender Marine, the largest independent marine retailer in the …
Marine and Boat Supplies - Marine Outfitters Of Choice
Defender Marine offers boat supplies, inflatable boats and outboard motors from top manufacturers. All your …
Ventilation - Cabin & Galley | Defender Marine
Defender Marine offers boat supplies, inflatable boats and outboard motors from top manufacturers. All your …
Defender Warehouse Outlet Store | Defender Marine
Our Warehouse Outlet Store is located at 42 Great Neck Road in Waterford, Connecticut, conveniently located …
Halyard & D Shackles - Sailing Hardware - Sailing | Defende…
Defender Marine offers boat supplies, inflatable boats and outboard motors from top manufacturers. All your …
Boats & Motors | Defender Marine
Shop boats, motors, outboards and more from Defender Marine, the largest independent marine retailer in the US. As …
Marine and Boat Supplies - Marine Outfitters Of Choice - Defender
Defender Marine offers boat supplies, inflatable boats and outboard motors from top manufacturers. All your boat supplies …
Ventilation - Cabin & Galley | Defender Marine
Defender Marine offers boat supplies, inflatable boats and outboard motors from top manufacturers. All your boat supplies …
Defender Warehouse Outlet Store | Defender Marine
Our Warehouse Outlet Store is located at 42 Great Neck Road in Waterford, Connecticut, conveniently located minutes from I-95, …
Halyard & D Shackles - Sailing Hardware - Sailing | Defender Mar…
Defender Marine offers boat supplies, inflatable boats and outboard motors from top manufacturers. All your boat supplies …
