Tuesday, February 2, 2016

The InfoSec Handbook



Book Description:

The InfoSec Handbook offers the reader an organized layout of information that is easily read and understood, allowing beginners to enter the field and understand the key concepts and ideas while still keeping experienced readers updated on topics and concepts.

It is intended mainly for beginners to the field of information security, written in a way that makes it easy for them to understand the detailed content of the book. The book offers a practical and simple view of the security practices while still offering somewhat technical and detailed information relating to security. It helps the reader build a strong foundation of information, allowing them to move forward from the book with a larger knowledge base.




Source: allitebooks

By Offensive Sec

The Manager’s Guide to Web Application Security



Book Description:

The Manager’s Guide to Web Application Security is a concise, information-packed guide to application security risks every organization faces, written in plain language, with guidance on how to deal with those issues quickly and effectively. Often, security vulnerabilities are difficult to understand and quantify because they are the result of intricate programming deficiencies and highly technical issues. Author and noted industry expert Ron Lepofsky breaks down the technical barrier and identifies many real-world examples of security vulnerabilities commonly found by IT security auditors, translates them into business risks with identifiable consequences, and provides practical guidance about mitigating them.




Source: allitebooks

By Offensive Sec

Threat Modeling



Book Description:

Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise in this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You’ll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies.




Source: allitebooks

By Offensive Sec

What Is Computer Science?



Book Description:

This engaging and accessible text addresses the fundamental question: What Is Computer Science? The book showcases a set of representative concepts broadly connected by the theme of information security, for which the presentation of each topic can be treated as a “mini” lecture course, demonstrating how it allows us to solve real problems, as well as how it relates to other subjects. The discussions are further supported by numerous examples and practical hands-on exercises. Features: presents a concise introduction to the study of algorithms and describes how computers work; introduces the concepts of data compression, and error detection and correction; highlights the role of data structures; explores the topic of web-search; reviews both historic and modern cryptographic schemes, examines how a physical system can leak information and discusses the idea of randomness; investigates the science of steganography; provides additional supplementary material at an associated website.




Source: allitebooks

By Offensive Sec

Computer Security – ESORICS 2013



Book Description:

This book constitutes the refereed proceedings of the 18th European Symposium on Computer Security, ESORICS 2013, held in Egham, UK, in September 2013.

The 43 papers included in the book were carefully reviewed and selected from 242 papers. The aim of ESORICS is to further the progress of research in computer security by establishing a European forum for bringing together researchers in this area, by promoting the exchange of ideas with system developers and by encouraging links with researchers in related areas. The papers cover all topics related to security, privacy and trust in computer systems and networks.




Source: allitebooks

By Offensive Sec

Cuckoo Malware Analysis



Book Description:

Cuckoo Sandbox is a leading open source automated malware analysis system. This means that you can throw any suspicious file at it and, in a matter of seconds, Cuckoo will provide you with some detailed results outlining what said file did when executed inside an isolated environment.

Cuckoo Malware Analysis is a hands-on guide that will provide you with everything you need to know to use Cuckoo Sandbox with added tools like Volatility, Yara, Cuckooforcanari, Cuckoomx, Radare, and Bokken, which will help you to learn malware analysis in an easier and more efficient way.




Source: allitebooks

By Offensive Sec

Hacking Exposed Mobile




Book Description:

Hacking Exposed Mobile continues in the great tradition of the Hacking Exposed series, arming business leaders and technology practitioners with an in-depth understanding of the latest attacks and countermeasures – so they can leverage the power of mobile platforms while ensuring that security risks are contained.

Identify and evade key threats across the expanding mobile risk landscape. Hacking Exposed Mobile: Security Secrets & Solutions covers the wide range of attacks to your mobile deployment alongside ready-to-use countermeasures. Find out how attackers compromise networks and devices, attack mobile services, and subvert mobile apps. Learn how to encrypt mobile data, fortify mobile platforms, and eradicate malware. This cutting-edge guide reveals secure mobile development guidelines, how to leverage mobile OS features and MDM to isolate apps and data, and the techniques the pros use to secure mobile payment systems.





Source: allitebooks

By Offensive Sec

Hacking For Dummies - 4th Edition



Book Description:

The best way to stay safe online is to stop hackers before they attack – first, by understanding their thinking and second, by ethically hacking your own site to measure the effectiveness of your security. This practical, top-selling guide will help you do both. Fully updated for Windows 8 and the latest version of Linux, Hacking For Dummies, 4th Edition explores the malicious hacker’s mindset and helps you develop an ethical hacking plan (also known as penetration testing) using the newest tools and techniques.




Source: allitebooks

By Offensive Sec

Information Security The Complete Reference - 2nd Edition



Book Description:

Today’s complex world of mobile platforms, cloud computing, and ubiquitous data access puts new security demands on every IT professional. Information Security: The Complete Reference, 2nd Edition is the only comprehensive book that offers vendor-neutral details on all aspects of information protection, with an eye toward the evolving threat landscape. Thoroughly revised and expanded to cover all aspects of modern information security—from concepts to details—this edition provides a one-stop reference equally applicable to the beginner and the seasoned professional.

Find out how to build a holistic security program based on proven methodology, risk analysis, compliance, and business needs. You’ll learn how to successfully protect data, networks, computers, and applications. In-depth chapters cover data protection, encryption, information rights management, network security, intrusion detection and prevention, Unix and Windows security, virtual and cloud security, secure application development, disaster recovery, forensics, and real-world attacks and countermeasures. Included is an extensive security glossary, as well as standards-based references. This is a great resource for professionals and students alike.




Source: allitebooks

By Offensive Sec
Established in 2015. Offensive Sec Blog has been sharing security research, hacking tools, threat intelligence, and offensive security content since 2015.