Cybersecurity Attacks - Red Team Strategies

Rehberger, Johann

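  • Publisher: Packt Publishing
  • Publication date: 2020-03-31
  • Price: $1,400
  • VIP price: $1,330 (95% of list price)
  • Language: English
  • Pages: 524
  • Binding: Quality Paper - also called trade paper
  • ISBN: 1838828869
  • ISBN-13: 9781838828868
  • Related category: Information security
  • Ships immediately (stock = 1)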

Product description

Develop your red team skills by learning essential foundational tactics, techniques, and procedures, and boost the overall security posture of your organization by leveraging the homefield advantage

Key Features

  • Build, manage, and measure an offensive red team program
  • Leverage the homefield advantage to stay ahead of your adversaries
  • Understand core adversarial tactics and techniques, and protect pentesters and pentesting assets

Book Description

It's now more important than ever for organizations to be ready to detect and respond to security events and breaches. Preventive measures alone are not enough for dealing with adversaries. A well-rounded prevention, detection, and response program is required. This book will guide you through the stages of building a red team program, including strategies and homefield advantage opportunities to boost security.

The book starts by guiding you through establishing, managing, and measuring a red team program, including effective ways for sharing results and findings to raise awareness. Gradually, you'll learn about progressive operations such as cryptocurrency mining, focused privacy testing, targeting telemetry, and even blue team tooling. Later, you'll discover knowledge graphs and how to build them, then become well-versed with basic to advanced techniques related to hunting for credentials, and learn to automate Microsoft Office and browsers to your advantage. Finally, you'll get to grips with protecting assets using decoys, auditing, and alerting with examples for major operating systems.

By the end of this book, you'll have learned how to build, manage, and measure a red team program effectively and be well-versed with the fundamental operational techniques required to enhance your existing skills.

What you will learn

  • Understand the risks associated with security breaches
  • Implement strategies for building an effective penetration testing team
  • Map out the homefield using knowledge graphs
  • Hunt credentials using indexing and other practical techniques
  • Gain blue team tooling insights to enhance your red team skills
  • Communicate results and influence decision makers with appropriate data

Who this book is for

This is one of the few detailed cybersecurity books for penetration testers, cybersecurity analysts, security leaders and strategists, as well as red team members and chief information security officers (CISOs) looking to secure their organizations from adversaries. The program management part of this book will also be useful for beginners in the cybersecurity domain. To get the most out of this book, some penetration testing experience, and software engineering and debugging skills are necessary.

About the author

Johann Rehberger has over fifteen years of experience in threat analysis, threat modeling, risk management, penetration testing, and red teaming. As part of his many years at Microsoft, Johann established a penetration test team in Azure Data and led the program as Principal Security Engineering Manager. Recently, he built out a red team at Uber and currently works as an independent security and software engineer. Johann is well versed in analysis, design, implementation, and testing of software systems. Additionally, he enjoys providing training and was an instructor for ethical hacking at the University of Washington. Johann contributed to the MITRE ATT&CK framework and holds a master's in computer security from the University of Liverpool.

Table of contents

  1. Establishing an Offensive Security Program
  2. Managing an Offensive Security Team
  3. Measuring an Offensive Security Program
  4. Progressive Red Team Operations
  5. Situational Awareness – Mapping Out the Homefield Using Graph Databases
  6. Building a Comprehensive Knowledge Graph
  7. Hunting for Credentials
  8. Advanced Credential Hunting
  9. Powerful Automation
  10. Protecting the Pen Tester
  11. Traps, Deceptions, and Honeypots
  12. Blue Team Tactics for the Red Team
