Take a look at our Security books. Shulph carries a great selection of Security books, and we are always adding more.
Learn the intricacies of managing Azure AD, Azure AD Connect as well as Active Directory for administration on cloud and Windows Server 2019 Key Features Expert solutions for the federation, certificates, security, and monitoring with Active Directory Explore Azure AD and AD Connect for effective administration on cloud Automate security tasks using Active Directory and PowerShell Book Description Active Directory is an administration system for Windows administrators to automate network, security and access management tasks in the Windows infrastructure. This book starts off with a detailed focus on forests, domains, trusts, schemas and partitions. Next, you learn how to manage domain controllers, organizational units and the default containers. Going forward, you deep dive into managing Active Directory sites as well as identifying and solving replication problems. The next set of chapters covers the different components of Active Directory and discusses the management of users, groups and computers. You also go through recipes that help you manage your Active Directory domains, manage user and groups objects and computer accounts, expiring group memberships and group Managed Service Accounts with PowerShell. You learn how to work with Group Policy and how to get the most out of it. The last set of chapters covers federation, security and monitoring. You will also learn about Azure Active Directory and how to integrate on-premises Active Directory with Azure AD. You learn how Azure AD Connect synchronization works, which will help you manage Azure AD. By the end of the book, you have learned in detail about Active Directory and Azure AD, too. What you will learn Manage new Active Directory features, such as the Recycle Bin, group Managed Service Accounts, and fine-grained password policies Work with Active Directory from the command line and use Windows PowerShell to automate tasks Create and remove forests, domains, and trusts Create groups, modify group scope and type, and manage memberships Delegate control, view and modify permissions Optimize Active Directory and Azure AD in terms of security Who this book is for This book will cater to administrators of existing Active Directory Domain Services environments and/or Azure AD tenants, looking for guidance to optimize their day-to-day effectiveness. Basic networking and Windows Server Operating System knowledge would come in handy.
Explore open-source Linux tools and advanced binary analysis techniques to analyze malware, identify vulnerabilities in code, and mitigate information security risks Key Features Adopt a methodological approach to binary ELF analysis on Linux Learn how to disassemble binaries and understand disassembled code Discover how and when to patch a malicious binary during analysis Book Description Binary analysis is the process of examining a binary program to determine information security actions. It is a complex, constantly evolving, and challenging topic that crosses over into several domains of information technology and security. This binary analysis book is designed to help you get started with the basics, before gradually advancing to challenging topics. Using a recipe-based approach, this book guides you through building a lab of virtual machines and installing tools to analyze binaries effectively. You'll begin by learning about the IA32 and ELF32 as well as IA64 and ELF64 specifications. The book will then guide you in developing a methodology and exploring a variety of tools for Linux binary analysis. As you advance, you'll learn how to analyze malicious 32-bit and 64-bit binaries and identify vulnerabilities. You'll even examine obfuscation and anti-analysis techniques, analyze polymorphed malicious binaries, and get a high-level overview of dynamic taint analysis and binary instrumentation concepts. By the end of the book, you'll have gained comprehensive insights into binary analysis concepts and have developed the foundational skills to confidently delve into the realm of binary analysis. What you will learn Traverse the IA32, IA64, and ELF specifications Explore Linux tools to disassemble ELF binaries Identify vulnerabilities in 32-bit and 64-bit binaries Discover actionable solutions to overcome the limitations in analyzing ELF binaries Interpret the output of Linux tools to identify security risks in binaries Understand how dynamic taint analysis works Who this book is for This book is for anyone looking to learn how to dissect ELF binaries using open-source tools available in Linux. If you're a Linux system administrator or information security professional, you'll find this guide useful. Basic knowledge of Linux, familiarity with virtualization technologies and the working of network sockets, and experience in basic Python or Bash scripting will assist you with understanding the concepts in this book
Learn what the Blockchain is, what the differences between available blockchain platforms are, how to work with Oracle's Blockchain Cloud Service, and how Blockchain can change the direction of your Oracle work and the focus of your customers. Key Features A professional orientation of the Blockchain for Oracle developers and customers Learn what the Blockchain is and how it will affect for you and your customers Learn how blockchain will disrupt traditional cross-organizational applications Implement your own Blockchain on Oracle and develop your first smart contract Industry directions of the Blockchain to help you decide where to develop your skills Book Description Blockchain across Oracle gives you the professional orientation to Blockchain that you need as an Oracle developer in today's changing world. Written and prepared for you by Oracle Developer Champion Robert van Molken, this book gets you up to speed with the details of the Blockchain - core concepts, how to implement Oracle's Blockchain Cloud Service, industry implications for the Blockchain, and how the Blockchain will affect your Oracle customers. Robert van Molken introduces you to the history and concepts of the Blockchain. You'll really get to understand the Blockchain inside and out, as an Oracle developer or solution architect. You'll understand the Blockchain flow, and how the hashes and chains create a new decentralised paradigm for you as an Oracle developer. You'll gain insights into how the Blockchain affects Oracle developers and customers in this modern and disruptive era. You'll see how the Blockchain concepts work in this new world where Assets, Transactions, Security, and Privacy, can all be sustained across a decentralized system for your customers. Then you'll find a detailed look at the cutting-edge Oracle middleware solutions. You'll learn about Hyperledger Fabric, the opensource Blockchain framework used by Oracle as its core, and how to set up your own Oracle Blockchain Network. You'll design and develop a smart contract, and learn how to run it on the Oracle Blockchain Cloud Service. The final part of the book looks at how the Blockchain will affect your customers across various industry sectors. By studying industry trends in the financial services sector, healthcare industry, and the transport industry, you'll discover how the options and possibilities for you and your clients are being transformed by the Blockchain across Oracle. You'll complete this professional orientation by looking at Blockchain trends and future directions. What you will learn A full introduction to the Blockchain How the Blockchain affects Oracle developers and customers Core concepts including blocks, hashes, and chains, assets, transactions, and consensus How to work with Oracle Cloud to implement a Blockchain Network Design, develop, and run smart contracts on the Oracle Blockchain Cloud Service Blockchain security and privacy for Oracle developers and clients Public and private Blockchain decisions for Oracle architects and developers Industry analysis across finance, governance, and healthcare sectors Industry trends and the future of the Blockchain technology Who this book is for This book is a professional orientation for all Oracle developers, solution architects, and decisions makers involved in Oracle system and future development.
Get hands-on experience on concepts of Bug Bounty Hunting Key Features Get well-versed with the fundamentals of Bug Bounty Hunting Hands-on experience on using different tools for bug hunting Learn to write a bug bounty report according to the different vulnerabilities and its analysis Book Description Bug bounty programs are the deals offered by prominent companies where-in any white-hat hacker can find bugs in the applications and they will have a recognition for the same. The number of prominent organizations having this program has increased gradually leading to a lot of opportunity for Ethical Hackers. This book will initially start with introducing you to the concept of Bug Bounty hunting. Then we will dig deeper into concepts of vulnerabilities and analysis such as HTML injection, CRLF injection and so on. Towards the end of the book, we will get hands-on experience working with different tools used for bug hunting and various blogs and communities to be followed. This book will get you started with bug bounty hunting and its fundamentals. What you will learn Learn the basics of bug bounty hunting Hunt bugs in web applications Hunt bugs in Android applications Analyze the top 300 bug reports Discover bug bounty hunting research methodologies Explore different tools used for Bug Hunting Who this book is for This book is targeted towards white-hat hackers, or anyone who wants to understand the concept behind bug bounty hunting and understand this brilliant way of penetration testing. This book does not require any knowledge on bug bounty hunting.
Get hands-on experience in using Burp Suite to execute attacks and perform web assessments Key Features Explore the tools in Burp Suite to meet your web infrastructure security demands Configure Burp to fine-tune the suite of tools specific to the target Use Burp extensions to assist with different technologies commonly found in application stacks Book Description Burp Suite is a Java-based platform for testing the security of your web applications, and has been adopted widely by professional enterprise testers. The Burp Suite Cookbook contains recipes to tackle challenges in determining and exploring vulnerabilities in web applications. You will learn how to uncover security flaws with various test cases for complex environments. After you have configured Burp for your environment, you will use Burp tools such as Spider, Scanner, Intruder, Repeater, and Decoder, among others, to resolve specific problems faced by pentesters. You will also explore working with various modes of Burp and then perform operations on the web. Toward the end, you will cover recipes that target specific test scenarios and resolve them using best practices. By the end of the book, you will be up and running with deploying Burp for securing web applications. What you will learn Configure Burp Suite for your web applications Perform authentication, authorization, business logic, and data validation testing Explore session management and client-side testing Understand unrestricted file uploads and server-side request forgery Execute XML external entity attacks with Burp Perform remote code execution with Burp Who this book is for If you are a security professional, web pentester, or software developer who wants to adopt Burp Suite for applications security, this book is for you.
Develop your cybersecurity knowledge to obtain CCNA Cyber Ops certification and gain professional skills to identify and remove potential threats Key Features Explore different security analysis tools and develop your knowledge to confidently pass the 210-255 SECOPS exam Grasp real-world cybersecurity skills such as threat analysis, event correlation, and identifying malicious activity Learn through mock tests, useful tips, and up-to-date exam questions Book Description Cybersecurity roles have grown exponentially in the IT industry and an increasing number of organizations have set up security operations centers (SOCs) to monitor and respond to security threats. The 210-255 SECOPS exam is the second of two exams required for the Cisco CCNA Cyber Ops certification. By providing you with fundamental knowledge of SOC events, this certification validates your skills in managing cybersecurity processes such as analyzing threats and malicious activities, conducting security investigations, and using incident playbooks. You'll start by understanding threat analysis and computer forensics, which will help you build the foundation for learning intrusion analysis and incident response principles. The book will then guide you through vocabulary and techniques for analyzing data from the network and previous events. In later chapters, you'll discover how to identify, analyze, correlate, and respond to incidents, including how to communicate technical and inaccessible (non-technical) examples. You'll be able to build on your knowledge as you learn through examples and practice questions, and finally test your knowledge with two mock exams that allow you to put what you've learned to the test. By the end of this book, you'll have the skills to confidently pass the SECOPS 210-255 exam and achieve CCNA Cyber Ops certification. What you will learn Get up to speed with the principles of threat analysis, in a network and on a host device Understand the impact of computer forensics Examine typical and atypical network data to identify intrusions Identify the role of the SOC, and explore other individual roles in incident response Analyze data and events using common frameworks Learn the phases of an incident, and how incident response priorities change for each phase Who this book is for This book is for anyone who wants to prepare for the Cisco 210-255 SECOPS exam (CCNA Cyber Ops). If you're interested in cybersecurity, have already completed cybersecurity training as part of your formal education, or you work in Cyber Ops and just need a new certification, this book is for you. The certification guide looks at cyber operations from the ground up, consolidating concepts you may or may not have heard about before, to help you become a better cybersecurity operator.
This is a practical certification guide covering all the exam topics in an easy-to-follow manner backed with mock tests and self-assesment scenarios for better preparation. Key Features Learn cryptography and various cryptography algorithms for real-world implementations Discover security policies, plans, and procedures to protect your security infrastructure Written by Ian Neil, one of the world's top CompTIA Security+ (SY0-501) trainer Book Description CompTIA Security+ is a worldwide certification that establishes the fundamental knowledge required to perform core security functions and pursue an IT security career. CompTIA Security+ Certification Guide is a best-in-class exam study guide that covers all of CompTIA Security+ 501 exam objectives. It is authored by Ian Neil, who is a world-class trainer of CompTIA Security+ 501. Packed with self-assessment scenarios and realistic exam questions, this guide will help you master the core concepts to succeed in the exam the first time you take it. Using relevant examples, you will learn all the important security fundamentals from Certificates and Encryption to Identity and Access Management concepts. You will then dive into the important domains of the exam; namely, threats, attacks and vulnerabilities, technologies and tools, architecture and design, risk management, and cryptography and Public Key Infrastructure (PKI). This book comes with over 600 practice questions with detailed explanation that is at the exam level and also includes two mock exams to help you with your study plan. This guide will ensure that encryption and certificates are made easy for you. What you will learn Get to grips with security fundamentals from Certificates and Encryption to Identity and Access Management Secure devices and applications that are used by your company Identify the different types of malware and virus and take appropriate actions to protect against them Protect your environment against social engineering and advanced attacks Implement PKI concepts Learn about secure coding techniques, quality control, and testing Troubleshoot common security issues Who this book is for This book is designed for anyone who is seeking to pass the CompTIA Security+ SY0-501 exam. It is a stepping stone for anyone who wants to become a security professional or move into cyber security. This certification guide assumes no prior knowledge of the product.
Learn from Ian Neil, one of the world's top CompTIA Security+ trainers in the world, and enhance your analytical skills to pass the CompTIA Security+ SY0-501 exam Key Features Become a pro at answering questions from all six of the domains of the SY0-501 exam Learn about cryptography algorithms, security policies, and their real-world implementations Solve practice tests that complement the official CompTIA Security+ certification exam Book Description CompTIA Security+ is a core security certification that will validate your baseline skills for a career in cybersecurity. Passing this exam will not only help you identify security incidents but will also equip you to resolve them efficiently. This book builds on the popular CompTIA Security+ Certification Guide, which mirrors the SY0-501 exam pattern. This practice test-based guide covers all six domains of the Security+ SY0-501 exam: threats, attacks, and vulnerabilities; technologies and tools; architecture and design; identity and access management; cryptography and PKI; and risk management. You'll take six mock tests designed as per the official Security+ certification exam pattern, each covering significant aspects from an examination point of view. For each domain, the book provides a dedicated cheat sheet that includes important concepts covered in the test. You can even time your tests to simulate the actual exam. These tests will help you identify gaps in your knowledge and discover answers to tricky exam questions. By the end of this book, you'll have developed and enhanced the skills necessary to pass the official CompTIA Security+ exam. What you will learn Understand how prepared you are for the CompTIA Security+ certification Identify different types of security threats, attacks, and vulnerabilities Explore identity and access management in an enterprise environment Protect your business tools and platforms from cyberattacks Create and maintain a secure network Understand how you can protect your data Discover encryption techniques required to protect against various cyber threat scenarios Who this book is for If you are a security administrator, a system or network administrator, or anyone who wants to pass the CompTIA Security+ exam, this book is for you. This book is an ideal resource for students who want a career or degree in cybersecurity or are studying for the CISSP certification exam.
Most organizations are undergoing a digital transformation of some sort and are looking to embrace innovative technology, but new ways of doing business inevitably lead to new threats which can cause irreparable financial, operational and reputational damage. In an increasingly punitive regulatory climate, organizations are also under pressure to be more accountable and compliant. Cyber Risk Management clearly explains the importance of implementing a cyber security strategy and provides practical guidance for those responsible for managing threat events, vulnerabilities and controls, including malware, data leakage, insider threat and Denial-of-Service. Examples and use cases including Yahoo, Facebook and TalkTalk, add context throughout and emphasize the importance of communicating security and risk effectively, while implementation review checklists bring together key points at the end of each chapter. Cyber Risk Management analyzes the innate human factors around risk and how they affect cyber awareness and employee training, along with the need to assess the risks posed by third parties. Including an introduction to threat modelling, this book presents a data-centric approach to cyber risk management based on business impact assessments, data classification, data flow modelling and assessing return on investment. It covers pressing developments in artificial intelligence, machine learning, big data and cloud mobility, and includes advice on responding to risks which are applicable for the environment and not just based on media sensationalism.