Cargando…
Security intelligence : a practitioner's guide to solving enterprise security challenges /
Identify, deploy, and secure your enterprise Security Intelligence, A Practitioner's Guide to Solving Enterprise Security Challenges is a handbook for security in modern times, against modern adversaries. As leaders in the design and creation of security products that are deployed globally acro...
| Clasificación: | Libro Electrónico |
|---|---|
| Autores principales: | , |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Indianapolis, IN :
Wiley,
2015.
|
| Temas: | |
| Acceso en línea: | Texto completo |
Tabla de Contenidos:
- Security Intelligence: A Practitioner's Guide to Solving Enterprise Security Challenges; Contents; Foreword; Preface; Chapter 1 Fundamentals of Secure Proxies; Security Must Protect and Empower Users; The Birth of Shadow IT; Internet of Things and Connected Consumer Appliances; Conventional Security Solutions; Traditional Firewalls: What Are Their Main Deficiencies?; Firewall with DPI: A Better Solution?; IDS/IPS and Firewall; Unified Threat Management and Next-Generation Firewall; Security Proxy-A Necessary Extension of the End Point; Transaction-Based Processing; The Proxy Architecture.
- SSL Proxy and InterceptionInterception Strategies; Certificates and Keys; Certificate Pinning and OCSP Stapling; SSL Interception and Privacy; Summary; Chapter 2 Proxy Deployment Strategies and Challenges; Definitions of Proxy Types: Transparent Proxy and Explicit Proxy; Inline Deployment of Transparent Proxy: Physical Inline and Virtual Inline; Physical Inline Deployment; Virtual Inline Deployment; Traffic Redirection Methods: WCCP and PBR; LAN Port and WAN Port; Forward Proxy and Reverse Proxy; Challenges of Transparent Interception; Directionality of Connections; Maintaining Traffic Paths.
- Avoiding InterceptionAsymmetric Traffic Flow Detection and Clustering; Proxy Chaining; Summary; Chapter 3 Proxy Policy Engine and Policy Enforcements; Policy System Overview; Conditions and Properties; Policy Transaction; Policy Ticket; Policy Updates and Versioning System; Security Implications; Policy System in the Cloud Security Operation; Policy Evaluation; Policy Checkpoint; Policy Execution Timing; Revisiting the Proxy Interception Steps; Enforcing External Policy Decisions; Summary; Chapter 4 Malware and Malware Delivery Networks; Cyber Warfare and Targeted Attacks.
- Espionage and Sabotage in CyberspaceIndustrial Espionage; Operation Aurora; Watering Hole Attack; Breaching the Trusted Third Party; Casting the Lures; Spear Phishing; Pharming; Cross-Site Scripting; Search Engine Poisoning; Drive-by Downloads and the Invisible iframe; Tangled Malvertising Networks; Malware Delivery Networks; Fast-Flux Networks; Explosion of Domain Names; Abandoned Sites and Domain Names; Antivirus Software and End-Point Solutions
- The Losing Battle; Summary; Chapter 5 Malnet Detection Techniques; Automated URL Reputation System; Creating URL Training Sets.
- Extracting URL Feature SetsClassifier Training; Dynamic Webpage Content Rating; Keyword Extraction for Category Construction; Keyword Categorization; Detecting Malicious Web Infrastructure; Detecting Exploit Servers through Content Analysis; Topology-Based Detection of Dedicated Malicious Hosts; Detecting C2 Servers; Detection Based on Download Similarities; Crawlers; Detecting Malicious Servers with a Honeyclient; High Interaction versus Low Interaction; Capture-HPC: A High-Interaction Honeyclient; Thug: A Low-Interaction Honeyclient; Evading Honeyclients; Summary; Chapter 6 Writing Policies.