Cargando…
Building an intelligence-led security program /
Adding cyber threat intelligence can help security teams uncover events not detected by traditional security platforms and correlate seemingly disparate events across the network. This book will show you how to implement an intelligence-led program in your enterprise on any budget. Topics include: a...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Otros Autores: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Waltham, MA :
Syngress is an imprint of Elsevier,
[2015]
|
| Edición: | First edition. |
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a2200000 i 4500 | ||
|---|---|---|---|
| 001 | OR_ocn908649681 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr mn||||||||| | ||
| 008 | 150416t20152015maua ob 001 0 eng d | ||
| 040 | |a B24X7 |b eng |e rda |e pn |c B24X7 |d OCLCO |d OCLCQ |d COO |d YDXCP |d OCLCF |d OCLCQ |d VGM |d LIV |d INT |d AU@ |d OCLCQ |d WYU |d LOA |d K6U |d COCUF |d VT2 |d OCLCO |d OCLCQ |d OCLCO | ||
| 019 | |a 899566842 | ||
| 020 | |a 9780128023709 |q (e-book) | ||
| 020 | |a 0128023708 | ||
| 020 | |z 9780128021453 | ||
| 020 | |z 0128021454 | ||
| 029 | 1 | |a GBVCP |b 856701823 | |
| 035 | |a (OCoLC)908649681 |z (OCoLC)899566842 | ||
| 050 | 4 | |a TK5105.59 |b .L575 2015eb | |
| 082 | 0 | 4 | |a 658.478 |2 23 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Liska, Allan, |e author. | |
| 245 | 1 | 0 | |a Building an intelligence-led security program / |c Allan Liska ; Tim Gallo, technical editor. |
| 250 | |a First edition. | ||
| 264 | 1 | |a Waltham, MA : |b Syngress is an imprint of Elsevier, |c [2015] | |
| 264 | 4 | |c ©2015 | |
| 300 | |a 1 online resource : |b illustrations | ||
| 300 | |a 1 online resource | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 588 | |a Online resource; title from title screen (Books24x7.com, viewed April 16, 2015). | ||
| 520 | |a Adding cyber threat intelligence can help security teams uncover events not detected by traditional security platforms and correlate seemingly disparate events across the network. This book will show you how to implement an intelligence-led program in your enterprise on any budget. Topics include: a roadmap and direction on how to build an intelligence-led information security program to protect your company, understanding your network through logs and client monitoring so you can effectively evaluate threat intelligence; using popular tools such as BIND, SNORT, squid, STIX, TAXII, CyBox, and splunk to conduct network intelligence. -- |c Edited summary from book. | ||
| 504 | |a Includes bibliographical references and index. | ||
| 505 | 0 | |a Machine generated contents note: ch. 1 Understanding the Threat -- Introduction -- A Brief of History of Network Security -- Understanding the Current Threat -- The Coming Threats -- Conclusion -- References -- ch. 2 What is Intelligence? -- Introduction -- Denning Intelligence -- The Intelligence Cycle -- Types of Intelligence -- The Professional Analyst -- Denial and Deception -- Intelligence throughout the Ages -- Conclusion -- References -- ch. 3 Building a Network Security Intelligence Model -- Introduction -- Defining Cyber Threat Intelligence -- The Anatomy of an Attack -- Approaching Cyber Attacks Differently -- Incorporating the Intelligence Lifecycle into Security Workflow -- Automation -- Conclusion -- References -- ch. 4 Gathering Data -- Introduction -- The Continuous Monitoring Framework -- NIST Cybersecurity Framework -- Security + Intelligence -- The Business Side of Security -- Planning a Phased Approach -- Conclusion -- References | |
| 505 | 0 | |a Note continued: ch. 5 Internal Intelligence Sources -- Introduction -- Asset, Vulnerability, and Configuration Management -- Network Logging -- Network Monitoring -- Conclusion -- References -- ch. 6 External Intelligence Sources -- Introduction -- Brand Monitoring versus Intelligence -- Asset, Vulnerability, and Configuration Management -- Network Logging -- Network Monitoring -- Protecting against Zero-day Attacks -- Incident Response and Intelligence -- Collaborative Research into Threats -- Conclusion -- References -- ch. 7 Fusing Internal and External Intelligence -- Introduction -- Security Awareness Training -- OpenIOC, CyBOX, STIX, and TAXII -- Threat Intelligence Management Platforms -- Big Data Security Analytics -- Conclusion -- Reference -- ch. 8 CERTs, ISACs, and Intelligence-sharing Communities -- Introduction -- CERTs and CSIRTs -- ISACs -- Intelligence-sharing Communities -- Conclusion -- References -- ch. 9 Advanced Intelligence Capabilities | |
| 505 | 0 | |a Note continued: Introduction -- Malware Analysis -- Honeypots -- Intrusion Deception -- Conclusion -- Reference. | |
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Computer networks |x Security measures. | |
| 650 | 6 | |a Réseaux d'ordinateurs |x Sécurité |x Mesures. | |
| 650 | 7 | |a Computer networks |x Security measures |2 fast | |
| 700 | 1 | |a Gallo, Tim, |e editor. | |
| 776 | 0 | 8 | |i Print version: |a Liska, Allan. |t Building an intelligence-led security program. |b First edition. |d Waltham, MA : Syngress is an imprint of Elsevier, [2015] |z 0128021454 |z 9780128021453 |w (OCoLC)890757547 |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9780128021453/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 936 | |a BATCHLOAD | ||
| 938 | |a Books 24x7 |b B247 |n bks00078134 | ||
| 938 | |a YBP Library Services |b YANK |n 12206722 | ||
| 994 | |a 92 |b IZTAP | ||