La Milano

Practical Vulnerability Management: A Strategic Approach to Managing Cyber Risk

Description: Practical Vulnerability Management by Andrew Magnusson

A hands-on guide to improving an organization's computer security and developing scanning tools on a budget.

Format: Paperback
Language: English
Condition: Brand New

Publisher Description

Practical Vulnerability Management discusses the components of a vulnerability management program and shows the reader how to build a free or low-cost system to automatically handle the repetitive aspects of vulnerability management.

Vulnerability management is a critical and sometimes neglected aspect of information security. It consists of two main parts: awareness and action. First, the security practitioner must be aware of the vulnerabilities that exist in an organization's systems and understand how dangerous each one is. Second, that information must feed into an ongoing process of addressing vulnerabilities by updating the vulnerable systems or otherwise mitigating their severity.

Author Biography

Andrew Magnusson has been working in the information security field since 2002, in areas ranging from firewall configuration to security consulting to managing SOC2 compliance. As a consultant deploying enterprise vulnerability management tools he has seen how an organization's vulnerability management practices, or lack thereof, affect their overall information security posture.

Table of Contents

Introduction
Part I: Vulnerability Management Basics
Chapter 1: Basic Concepts
Chapter 2: Sources of Information
Chapter 3: Vulnerability Scanners
Chapter 4: Automating Vulnerability Management
Chapter 5: Vulnerability Management Outcomes
Chapter 6: Vulnerability Management and Organizational Priorities
Part II: Hands-on Vulnerability Management
Chapter 7: Setting Up Your Environment
Chapter 8: Using the Data Collection Tools
Chapter 9: Getting Your Data into Usable Format
Chapter 10: Maintaining the Database
Chapter 11: Generating Asset and Vulnerability Reports
Chapter 12: Automating Scans and Reporting
Chapter 13: Advanced Reporting
Chapter 14: Advanced Topics
Chapter 15: Conclusion
Index

Review

"An easy read and offers comprehensive solutions to keeping an organization secure and always prepared for possible attacks." —Helga Labus, Help Net Security

Excerpt from Book

INTRODUCTION

It's human nature to pay attention to the problems that are big and flashy, attracting lots of interest, such as advanced persistent threat (APT) groups--state-sponsored attackers. APT-linked attackers have compromised major retailers, financial institutions, and even government networks. But when we focus all of our attention on APTs and other headline-generating activity, we miss basic issues. Even though you have new firewalls protecting your system and powerful traffic-monitoring devices, if you don't keep up with the bread and butter of your security responsibilities, you're leaving many chinks in your system's armor.

Neglecting the basics, like keeping your systems updated, can lead to serious consequences. Consider this example: suppose you're an information security manager at a medium-sized e-commerce business. You've set up firewalls to block incoming traffic except for traffic to internet-facing services on systems in your demilitarized zone (DMZ). You've turned on egress filtering to block unauthorized exit traffic. An antivirus is on the endpoints, and you've hardened your servers. You believe your system is safe.

But an old web service is running on an outdated version of Tomcat on a Linux server in the DMZ. It's a relic from an ill-advised foray into selling some of your company's valuable proprietary data to selected business partners. The initiative failed, but because you made some sales, you had a contractual obligation to keep that server up for another year. At the end of the year, the project was quietly shuttered, but the server is still running. Everyone has forgotten about it. But someone on the outside notices it. An attack comes in from a compromised server in Moldova, and your unpatched Tomcat server is vulnerable to a five-year-old Java issue. Now the attacker has a foothold in your network, and all your protections couldn't stop it. Where did you fail?

This guide demonstrates the value of strong information security fundamentals. These are the most important components of a successful information security program. Unfortunately, they're regularly neglected in favor of sexier topics, such as traffic analysis and automated malware sandboxing. Don't get me wrong; these are great advances in the state of the art of information security. But without a strong grasp of the fundamentals, investment in more advanced tools and techniques is futile.

Who This Book Is For

This book is for security practitioners tasked with defending their organization on a small budget and looking for ways to replicate functionality from commercially available vulnerability management tools. If you're familiar with vulnerability management as a process, you'll have a head start. To build your own vulnerability management system, you should be familiar with Linux and database concepts and have some experience in a programming language like Python. The scripts in this book are written in Python, but you can functionally re-create them in whichever modern scripting or programming language you prefer.

Back to Basics

You can consider a number of security topics as foundational, such as authentication management, network design, and asset management. Although these elements might not be exciting or interesting for an analyst to work on, they're of critical importance.

Vulnerability management is one of the foundational concepts of information security. A perfectly written and configured software package doesn't exist. Bugs are an inevitable part of software, and many bugs have security implications. Dealing with these software vulnerabilities is a perennial issue in information security; the practice of vulnerability management is required for a baseline level of security that can serve as a trusted foundation upon which to deploy more advanced and specialized tools.

Vulnerabilities affect an organization's IT infrastructure at all levels, so vulnerability management affects all aspects of an IT security program.

Endpoint security relies on workstations and servers being up-to-date with the latest software versions to minimize the attack surface. Zero-day vulnerabilities are always a concern. But removing the low-hanging fruit of known (and sometimes long-standing) vulnerabilities makes it more difficult for attackers to compromise an endpoint and gain a foothold in your environment.

Network security does its best to ensure that only necessary traffic passes among internal network segments and to and from the internet. But if systems or network devices contain known vulnerabilities, even otherwise legitimate traffic might contain network-based attacks using known and trusted protocols.

Identity and access management (IAM) restricts users to the specific systems and data to which they're entitled. But if the identity systems are vulnerable, attackers can simply sidestep them.

If your environment has a baseline level of security, any countermeasures you put in place can't be easily bypassed by exploiting known vulnerabilities. Let's consider an analogy: after World War I, France tried to protect itself from Germany by building a long line of forts and entrenchments along its German border. It was named the Maginot Line after the French minister of war. But when World War II began, the Germans ignored the barrier by simply going around it, invading France across the Belgian border instead. All of that expensive defensive infrastructure was irrelevant.

The same goes for your environment. If it doesn't have a foundational level of security, any additional countermeasures are no more than a Maginot Line. Attackers can easily avoid them because there is an easier path elsewhere. But by establishing a vulnerability management baseline and maintaining it via an active vulnerability management program, you can trust that additional security measures will add real value to your security program.

Vulnerability Management Is Not Patch Management

Patch management, perhaps in conjunction with a full software configuration management (SCM) system, keeps track of the versions and patch levels of servers and endpoints across an enterprise. It can push patches remotely to keep systems up-to-date. But although traditional patch management and vulnerability management (as described in this guide) share many similarities, the underlying assumptions are very different.

Patch management assumes that patches are available, a patch management system can manage all the devices on the network that need patches, and there is enough time and manpower to apply all patches. But in real environments, it's very rare for all of these conditions to hold. Devices exist that aren't managed by the SCM: for example, network devices like routers and firewalls, test machines, abandoned servers, and devices running operating systems that aren't compatible with SCM agents. All these components are invisible to a typical SCM deployment and could easily become out-of-date without anyone noticing. Even if automated patching is practicable for endpoints, often you must handle servers and network devices manually, because automatically patching a server might lead to downtime when the organization can least afford it. On the other hand, manually patching servers and network devices takes time that overworked IT staff often can't spare.

Vulnerability management takes a more pragmatic approach. Instead of asking, "How can we apply all of these patches?" vulnerability management asks, "Given our limited resources, how can we best improve our security posture by addressing the most important vulnerabilities?" Vulnerability management looks at the problem through a risk management lens. We start with the full domain of vulnerabilities that exist on networked devices--managed and unmanaged--and determine which of these vulnerabilities present the highest risk to the organization's security. Once we've gathered that data, we have enough information to prioritize patching and remediation activities. If after this process is complete we have the capacity to apply more updates and remediation, so much the better. But by looking at the highest-risk issues first and using our limited time and resources wisely, we can improve the system's security posture significantly with comparatively little effort.

Main Topics Covered

This technical guide is divided into two main parts: conceptual and practical. In the first part, you'll learn about the concepts and components of the vulnerability management process. In the second and larger part, you'll look at a practical approach to building a free or low-cost vulnerability management system. Although you can follow the guide exactly, it's most important for you to understand the concepts behind each script to adapt it to your own needs. Toward the end of the book, you'll explore topics you might want to tackle once your vulnerability management system is up and running. One of those topics is purchasing a commercial tool to improve your vulnerability management program when you have the budget to do so.

Description for Sales People

An easy-to-follow guide on a critical, often-neglected aspect of information security. One of the only accessible books on this topic to currently exist. Helps readers understand how to patch and maintain vulnerable systems and prevent attack. Magnusson is a veteran information security expert and has been working in the field since 2002.

Details

ISBN: 1593279884
Author: Andrew Magnusson
Publisher: No Starch Press,US
Year: 2020
ISBN-10: 1593279884
ISBN-13: 9781593279882
Format: Paperback
Imprint: No Starch Press,US
Place of Publication: San Francisco
Country of Publication: United States
Language: English
Short Title: Practical Vulnerability Management
Subtitle: A Strategic Approach to Managing Cyber Risk
DEWEY: 658.478
UK Release Date: 2020-10-06
Publication Date: 2020-10-06
AU Release Date: 2020-10-06
NZ Release Date: 2020-10-06
US Release Date: 2020-10-06
Illustrator: Andy Price
Translator: Donald Nicholson-Smith
Birth: 1974
Affiliation: Department of Psychology, University of New Mexico, USA
Position: Department of Psychology
Qualifications: Ph.D.
Audience: General
Pages: 270

Price: 47.44 AUD

Location: Melbourne

End Time: 2024-11-09T06:06:17.000Z

Shipping Cost: 0 AUD

Item Specifics

Restocking fee: No

Return shipping will be paid by: Buyer

Returns Accepted: Returns Accepted

Item must be returned within: 30 Days

ISBN-13: 9781593279882

Book Title: Practical Vulnerability Management

Item Height: 234 mm

Item Width: 177 mm

Author: Andrew Magnusson

Publication Name: Practical Vulnerability Management: a Strategic Approach to Managing Cyber Risk

Format: Paperback

Language: English

Publisher: No Starch Press,Us

Subject: Computer Science

Publication Year: 2020

Type: Textbook

Number of Pages: 270 Pages
