Privileged Attack Vectors: Building Effective Cyber-Defense Strategies to Protect Organizations

Haber, Morey J.

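  • Publisher: Apress
  • Publication date: 2020-06-14
  • Price: $2,430
  • VIP price: 9.5$2,309
  • Language: English
  • Pages: 362
  • Binding: Quality Paper - also called trade paper
  • ISBN: 1484259130
  • ISBN-13: 9781484259139
  • Related categories: Wireless-networks, Internet of Things (IoT), Information Security
  • Overseas special-order book (requires separate checkout)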

Product Description

See how privileges, insecure passwords, administrative rights, and remote access can be combined as an attack vector to breach any organization. Cyber attacks continue to increase in volume and sophistication. It is not a matter of if, but when, your organization will be breached. Threat actors target the path of least resistance: users and their privileges.

In decades past, an entire enterprise might be sufficiently managed through just a handful of credentials. Today's environmental complexity has seen an explosion of privileged credentials for many different account types such as domain and local administrators, operating systems (Windows, Unix, Linux, macOS, etc.), directory services, databases, applications, cloud instances, networking hardware, Internet of Things (IoT), social media, and so many more. When unmanaged, these privileged credentials pose a significant threat from external hackers and insider threats. We are experiencing an expanding universe of privileged accounts almost everywhere.

There is no one solution or strategy to provide the protection you need against all vectors and stages of an attack. And while some new and innovative products will help protect against or detect a privilege attack, they are not guaranteed to stop 100% of malicious activity. The volume and frequency of privilege-based attacks continue to increase and test the limits of existing security controls and solution implementations.

Privileged Attack Vectors details the risks associated with poor privilege management, the techniques that threat actors leverage, and the defensive measures that organizations should adopt to protect against an incident, protect against lateral movement, and improve the ability to detect malicious activity due to the inappropriate usage of privileged credentials.

This revised and expanded second edition covers new attack vectors and adds updated definitions for privileged access management (PAM), new strategies for defense, tested empirical steps for a successful implementation, and new disciplines for least privilege endpoint management and privileged remote access.

What You Will Learn

  • Know how identities, accounts, credentials, passwords, and exploits can be leveraged to escalate privileges during an attack
  • Implement defensive and monitoring strategies to mitigate privilege threats and risk
  • Understand a 10-step universal privilege management implementation plan to guide you through a successful privilege access management journey
  • Develop a comprehensive model for documenting risk, compliance, and reporting based on privilege session activity

Who This Book Is For

Security management professionals, new security professionals, and auditors looking to understand and solve privilege access management problems

About the Author

Morey J. Haber is Chief Technology Officer at BeyondTrust. He has more than 20 years of IT industry experience, and has authored three Apress books: Asset Attack Vectors and Identity Attack Vectors, as well as the first edition of Privileged Attack Vectors. He joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. He currently oversees BeyondTrust technology management solutions for vulnerability, and privileged and remote access. In 2004, he joined eEye as Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.
