Showing 1–24 of 138 results
Eliminating security holes in iOS apps is critical for any developer who wants to protect their users from the bad guys. In iOS Application Security, mobile security expert David Thiel reveals common iOS coding mistakes that create serious security problems and shows you how to find and fix them.After a crash course on iOS application structure and Objective-C design patterns, you’ll move on to spotting bad code and plugging the holes. You’l learn about:The iOS security model and the limits of its built-in protectionsThe myriad ways sensitive data can leak into places it shouldn’t, such as through the pasteboardHow to implement encryption with the Keychain, the Data Protection API, and CommonCryptoLegacy flaws from C that still cause problems in modern iOS applicationsPrivacy issues related to gathering user data and how to mitigate potential pitfallsDon’t let your app’s security leak become another headline.
Editors: Jajodia, S., Subrahmanian, V.S., Swarup, V., Wang, C. (Eds.)Features chapters written by leading experts in the fieldProposes new scientific methods to address many of the practical problems of cyber deceptionProvides a thorough scientific foundation for the field of cyber deceptionIncludes military and policy dimensions not typically covered in cyber-security booksThis edited volume features a wide spectrum of the latest computer science research relating to cyber deception. Specifically, it features work from the areas of artificial intelligence, game theory, programming languages, graph theory, and more.
The spectacular cyber attack on Sony Pictures and costly hacks of Target, Home Depot, Neiman Marcus, and databases containing sensitive data on millions of U.S. federal workers have shocked the nation. Despite a new urgency for the president, Congress, law enforcement, and corporate America to address the growing threat, the hacks keep coming—each one more pernicious than the last—from China, Russia, Iran, North Korea, the Middle East, and points unknown. The continuing attacks raise a deeply disturbing question: Is the issue simply beyond the reach of our government, political leaders, business leaders, and technology visionaries to resolve? In Hacked, veteran cybersecurity journalist Charlie Mitchell reveals the innovative, occasionally brilliant, and too-often hapless government and industry responses to growing cybersecurity threats.
IT security can be a complex topic, especially for those new to the field of IT. This full-color book, with a focus on the Microsoft Technology Associate (MTA) program, offers a clear and easy-to-understand approach to Windows security risks and attacks for newcomers to the world of IT. By paring down to just the essentials, beginners gain a solid foundation of security concepts upon which more advanced topics and technologies can be built. This straightforward guide begins each chapter by laying out a list of topics to be discussed, followed by a concise discussion of the core networking skills you need to have to gain a strong handle on the subject matter.
Master the fundamentals of malware analysis for the Windows platform and enhance your anti-malware skill set
About This Book
Set the baseline towards performing malware analysis on the Windows platform and how to use the tools required to deal with malware
Understand how to decipher x86 assembly code from source code inside your favourite development environment
A step-by-step based guide that reveals malware analysis from an industry insider and demystifies the process
Who This Book Is For
This book is best for someone who has prior experience with reverse engineering Windows executables and wants to specialize in malware analysis.
Your 2-in-1 Self-Paced Training Kit
EXAM PREP GUIDE
Ace your preparation for Certified Information Systems Security Professional (CISSP) Exam. Work at your own pace through a series of lessons and reviews that fully cover each exam objective. Then, reinforce what you’ve learned by applying your knowledge to real-world case scenarios and practice exercises. This guide is designed to help make the most of your study time.
Maximize your performance on the exam in these 10 domains:
Information Security Governance and Risk Management
Physical (Environmental) Security
Security Architecture and Design
Legal, Regulations, Investigations and Compliance
Telecommunications and Network Security
Business Continuity and Disaster Recovery Planning
Software Development Security
Assess your skills with practice tests on CD.
Over 90 hands-on recipes explaining how to leverage custom scripts and integrated tools in Kali Linux to effectively master network scanning
Learn the fundamentals behind commonly used scanning techniques
Deploy powerful scanning tools that are integrated into the Kali Linux testing platform
A step-by-step guide, full of recipes that will help you use integrated scanning tools in Kali Linux, and develop custom scripts for making new and unique tools of your own
Die Normreihe ISO 27000 und der IT-Grundschutz werden immer wichtiger für Unternehmen und Behörden, die ein IT-Sicherheitsmanagement in ihrer Organisation einführen und betreiben wollen. Im internationalen Kontext ist die Anwendung der ISO 27001 für viele Organisationen nahezu unverzichtbar.
Das Buch führt den Leser Schritt für Schritt in diese Standards ein und legt verständlich dar, wie man ein adäquates Management-System (ISMS) aufbaut und bestehende Risiken analysiert und bewertet. Die ausführlich kommentierten Controls unterstützen Sicherheitsverantwortliche bei der Auswahl geeigneter Sicherheitsmaßnahmen in allen Bereichen.
Learn to implement, manage, and deploy the latest Enterprise Mobility Management (EMM) platform offered by AirWatchAbout This Book• Understand Enterprise Mobility Management (EMM) and all the features involved in creating a robust deployment• Integrate and secure EMM solutions with your enterprise IT infrastructure to better protect your organization’s information• A step-by-step guide to teach you the latest EMM solutions from AirWatch by VMware to provide an effective and efficient mobile environmentWho This Book Is ForIf you are a technical professional who wants to dive deeper into the functionality offered by AirWatch or manage the solution, then this book will help you choose the best set of configuration, device management, and monitoring options that you can use to effectively manage your EMM implementation.I
The 8 International Workshop on Digital Watermarking (IWDW 2009) was hosted by the University of Surrey, Guildford, Surrey, UK, during August 24- 26, 2009.As with previous workshops,IWDW 2009 aimed to providea balanced program covering the latest state-of-the-art theoretical and practical devel- ments in digital watermarking, steganography and steganalysis, and the eme- ing area of image forensics. The selection of the program was a challenging task for the Technical Programme Committee members and reviewers, who ensured the highest quality and reputation of the workshop.
Following in the footsteps of its bestselling predecessor, The Practical Guide to HIPAA Privacy and Security Compliance, Second Edition is a one-stop, up-to-date resource on Health Insurance Portability and Accountability Act (HIPAA) privacy and security, including details on the HITECH Act, the 2013 Omnibus Rule, and the pending rules. Updated and revised with several new sections, this edition defines what HIPAA is, what it requires, and what you need to do to achieve compliance.
The book provides an easy-to-understand overview of HIPAA privacy and security rules and compliance tasks.
Cryptography in Chinese consists of two characters meaning "secret coded". Thanks to Ch’in Chiu-Shao and his successors, the Chinese Remainder Theorem became a cornerstone of public key cryptography.
To secure Node.js applications, we’ll start by helping you delve into the building blocks that make up typical Node applications. By understanding all the layers that you are building on top of, you can write code defensively and securely.
Security practitioners must be able to build cost-effective security programs while also complying with government regulations. Information Security Governance Simplified: From the Boardroom to the Keyboard lays out these regulations in simple terms and explains how to use control frameworks to build an air-tight information security (IS) program and governance structure.
“Technology is rapidly moving into our bodies,” writes cyber expert Keenan, “and this book gives a chilling look ahead into where that road may lead us – on a one way trip to the total surrender of privacy and the commoditization of intimacy.” Here is the definitive dissection of privacy-eroding and life-invading technologies, coming at you from governments, corporations, and the person next door.Take, for example, “Girls Around Me”: a Russian-made iPhone App that allowed anyone to scan the immediate vicinity for girls and women who checked in on Foursquare and had poorly secured Facebook profiles.
Key Features- Lay your hands on physical and virtual evidence to understand the sort of crime committed by capturing and analyzing network traffic- Connect the dots by understanding web proxies, firewalls, and routers to close in on your suspect- A hands-on guide to help you solve your case with malware forensic methods and network behaviorsBook DescriptionWe live in a highly networked world. Every digital device―phone, tablet, or computer is connected to each other, in one way or another. In this new age of connected networks, there is network crime.
Successful security professionals have had to modify the process of responding to new threats in the high-profile, ultra-connected business environment. But just because a threat exists does not mean that your organization is at risk. This is what risk assessment is all about. Information Security Risk Analysis, Third Edition demonstrates how to identify threats your company faces and then determine if those threats pose a real risk to your organization.
Authored by renowned security expert and certification instructor, Thomas Peltier, this authoritative reference provides you with the knowledge and the skill-set needed to achieve a highly effective risk analysis assessment in a matter of days.
Utilize Python scripting to execute effective and efficient penetration tests
About This Book
Understand how and where Python scripts meet the need for penetration testing
Familiarise yourself with the process of highlighting a specific methodology to exploit an environment to fetch critical data
Develop your Python and penetration testing skills with real-world examples
Who This Book Is For
If you are a security professional or researcher, with knowledge of different operating systems and a conceptual idea of penetration testing, and you would like to grow your knowledge in Python, then this book is ideal for you.
What You Will Learn
Familiarise yourself with the generation of Metasploit resource files
Use the Metasploit Remote Procedure Call (MSFRPC) to automate exploit generation and execution
Use Python’s Scrapy, network, socket, office, Nmap libraries, and custom modules
Parse Microsoft Office spreadsheets and eXtensible Markup Language (XML) data files
Write buffer overflows and reverse Metasploit modules to expand capabilities
Exploit Remote File Inclusion (RFI) to gain administrative access to systems with Python and other scripting languages
Crack an organization’s Internet perimeter
Chain exploits to gain deeper access to an organization’s resources
Interact with web services with Python
This is an easy-to-follow guide, full of hands-on and real-world examples of applications. Each of the vulnerabilities discussed in the book is accompanied with the practical approach to the vulnerability, and the underlying security issue.
This book is intended for all those who are looking to get started in Android security or Android application penetration testing. You don t need to be an Android developer to learn from this book, but it is highly recommended that developers have some experience in order to learn how to create secure applications for Android.
A must–have, hands–on guide for working in the cybersecurity profession Cybersecurity involves preventative methods to protect information from attacks. It requires a thorough understanding of potential threats, such as viruses and other malicious code, as well as system vulnerability and security architecture. This essential book addresses cybersecurity strategies that include identity management, risk management, and incident management, and also serves as a detailed guide for anyone looking to enter the security profession.
As networks become ever more complex, securing them becomes more and more difficult. The solution is visualization. Using today’s state-of-the-art data visualization techniques, you can gain a far deeper understanding of what’s happening on your network right now. You can uncover hidden patterns of data, identify emerging vulnerabilities and attacks, and respond decisively with countermeasures that are far more likely to succeed than conventional methods. In Applied Security Visualization, leading network security visualization expert Raffael Marty introduces all the concepts, techniques, and tools you need to use visualization on your network.
Aimed at the end user rather than the security professional, this book presents readers with invaluable information on how to eliminate security issues that already exist on their computers. The book empowers readers by providing step-by-step instructions on the actions they can take to virtually eradicate potential security threats; addresses viruses, spyware programs, firewalls, browser security, Windows XP updates, password management, data protection, and network security; and, offers simple steps and instructions that can be easily understood by the average Windows XP user and do not require readers to become computer security experts.
Covering topics ranging from web filters to laws aimed at preventing the flow of information, this book explores freedom―and censorship―of the Internet and considers the advantages and disadvantages of policies at each end of the spectrum.• Introduces key concepts and traces the evolution of Internet censorship from its earliest days• Shows how anti-censorship groups―including the American Civil Liberties Union, the OpenNet Initiative, Reporters Without Borders, Anonymous, WikiLeaks, and the Censorware Project―band together to fight for freedom of information• Explores the role of American businesses in facilitating Internet censorship abroad• Shares opinions on Internet freedom versus Internet censorship from experts in a range of fields, including criminology, political science, philosophy, and psychology• Includes an overview of Internet usage and penetration rates by region and an examination of the Freedom on the Net 2012 findings
A practical guide to testing your network’s security with Kali Linux – the preferred choice of penetration testers and hackersOverviewConduct realistic and effective security tests on your networkDemonstrate how key data systems are stealthily exploited, and learn how to identify attacks against your own systemsUse hands-on techniques to take advantage of Kali Linux, the open source framework of security toolsIn DetailMastering Kali Linux for Advanced Penetration Testing will teach you the kill chain perspective in assessing network security – from selecting the most effective tools, to rapidly compromising network security, to highlighting the techniques used to avoid detection.T
Showing 1–24 of 138 results