
The Complete Guide to Defense in Depth

Persons
Akash Mukherjee is a security enthusiast and a leader with experience setting up and executing security strategies at large tech companies. He is currently a security leader at Apple AIML. He was previously a security lead at Google, leading the insider risk program and supply chain security efforts at Google Chrome. During his time at Google, Akash was also a course lead and subject matter expert for the Google Cybersecurity Certificate course. He has been at the forefront of the emerging threat landscape and has led the development of novel security strategies and frameworks. Akash was one of the co-developers of the open-source Supply-chain Levels for Software Artifacts (SLSA) framework. He is based in the Silicon Valley area in the US, and he holds a bachelor of technology degree from the Indian Institute of Technology, B.H.U., India, and a master's degree in cyber security from the University of Southern California, USA.
Content
- Cover
- Title Page
- Copyright and Credits
- Foreword
- Contributors
- Table of Contents
- Preface
- Part 1: Understanding Defense in Depth - The Core Principle
- Chapter 1: Navigating Risk, Classifying Assets, and Unveiling Threats
- Foundations of security principles
- Brief history of information security
- The CIA Triad - Confidentiality, integrity, and availability
- Security standards, policies, and guidelines
- Evolution of cyber threats and attack strategies
- Security controls
- Risk-based approach to security
- Understanding risk management
- Risk analysis
- Threat modeling
- Balancing risk with business needs
- Identifying threat actors and understanding their motivations
- Types of attackers
- Threat actor motivations
- Real-world examples
- Security through the ages
- Trends in security
- The rise of cloud computing
- Security is omnipresent
- Summary
- Key takeaways
- Further reading
- Chapter 2: Practical Guide to Defense in Depth
- The concept of DiD
- The fallacy of single-point defense
- Diversification of defense
- Layered security architecture
- DiD - Principles and benefits
- Security domains and controls
- Mapping the landscape - Core security domains
- Building the arsenal for each domain
- Layering controls across security domains
- Selecting and implementing the right controls
- Assessment of organizational needs
- Matching controls to threats
- Control selection criteria
- Implementation strategies and best practices
- Continuous monitoring and adaptation
- Glimpse of a real-world DiD approach
- Threat
- Impact
- Mitigation
- Summary
- Key takeaways
- Further reading
- Chapter 3: Building a Framework for Layered Security
- Establishing a robust framework
- Organizing defensive controls
- Security layers - Protecting perimeters to information
- Continuous optimization and adaptation
- Consistency and standardization by security policies
- Crafting effective security policies
- Risk-informed policies
- Centralized policy management
- Streamlining security practices
- The power and benefits of consistent security policies
- Compliance and regulatory requirements
- Understanding the regulatory landscape
- Aligning security with regulations
- Compliance as a catalyst for consistency
- Enforcement and accountability
- Validation and assurance
- Shift-left security
- XFN collaboration
- Evolving security responsibilities
- Summary
- Key takeaways
- Further reading
- Part 2: Building a Layered Security Strategy - Thinking Like an Attacker
- Chapter 4: Understanding the Attacker Mindset
- Exploring the attacker's perspective
- In the mind of a cybercriminal
- A hacker's toolkit and its evolution
- Understanding the attacker's business model
- Advanced persistent threats (APTs)
- Thinking like an attacker - Identifying weaknesses
- Profiling potential adversaries
- Mapping and hunting exposed assets
- Vulnerability management and patch prioritization
- Threat intelligence for indicators of compromise (IoCs)
- Understanding TTPs
- Understanding TTPs and common patterns
- Exploitation techniques and vulnerability exploits
- Persistence mechanisms
- Evasion techniques and anti-forensics
- Living off the land attacks
- Defensive countermeasures - Turning the tables
- Mindset shift in defense
- Building adaptive defenses
- Strategic countermeasures
- Summary
- Key takeaways
- Further reading
- Chapter 5: Uncovering Weak Points through an Adversarial Lens
- Profiling organizational risks
- Organizational data profiling
- Adversarial simulation
- Prioritizing risks with an attacker's mindset
- DiD for security organizations with red/blue teams
- Building effective red/blue teams
- Conducting realistic red team engagements
- Translating insights into actions
- Targeted approach to controls and strategies
- Leveraging risk profiling
- Building on red team exercises
- Summary
- Key takeaways
- Further reading
- Chapter 6: Mapping Attack Vectors and Gaining an Edge
- The anatomy of common attack vectors
- Network exploits
- Web application attacks
- Social engineering
- Insider threats
- Supply chain attacks
- Physical attacks
- Linking attack vectors to attacker profiles
- Defensive information gathering
- Key profiling indicators
- Building proactive defensive programs
- Summary
- Key takeaways
- Further reading
- Chapter 7: Building a Proactive Layered Defense Strategy
- Principle of zero trust
- Core principles of zero trust
- Practical implementation of zero trust
- BeyondCorp - A real-world case study
- Designing attacker-informed defense
- Zero trust - Good start, not foolproof
- Controls with attacker disruption in mind
- Defense in depth, evolved from the inside
- Utilizing SOAR
- Real-world SOAR defense use cases
- Integrating SOAR for enhanced resilience
- Defense as an open loop
- No defense is 100% airtight
- Evolving attacker methodologies
- Summary
- Key takeaways
- Further reading
- Part 3: Adapting and Evolving with Defense in Depth - The Threat Landscape
- Chapter 8: Understanding Emerging Threats and Defense in Depth
- Emerging threat environment
- Evolving ransomware operations
- The rise of deceptive attacks
- AI-powered exploits
- Adapting DiD to new threats
- Dynamic risk assessment for prioritization
- Deception-based defenses as a core layer
- Smart incident response
- Balancing user experience
- Emerging tech for the next generation
- Advanced technologies in defense
- Advanced encryption and zero-knowledge techniques
- Security by AI
- Security of AI
- Context-aware risk mitigation
- Futureproof defense strategy
- Summary
- Key takeaways
- Future reading
- Chapter 9: The Human Factor - Security Awareness and Training
- Security as a chain
- The human element in security
- Production access
- Developer productivity
- Security versus usability
- Insider threats
- Security and reliability
- Improving reliability with security
- Understanding "what's in it for them"
- Building secure and reliable systems
- Security is everyone's responsibility
- Common challenges security teams face
- Your security toolkit
- Summary
- Key takeaways
- Further reading
- Chapter 10: Defense in Depth - A Living, Breathing Approach to Security
- Security is relative
- The complexity factor
- Legacy systems
- Complex and side-channel attacks
- Operationalizing DiD with the SSDF
- Understanding the SSDF
- Secure design and requirements
- Secure development practices
- Secure deployment and testing
- Secure operation and maintenance
- Continuously monitoring and improving security posture
- Changing the mindset
- Building a culture of continuous improvement
- Security tomorrow - Sustaining a living DiD
- The defender's mindset
- The automation imperative
- DiD as an organizational value
- Summary
- Key takeaways
- Further reading
- Index
- Other Books You May Enjoy
System requirements
File format: ePUB
Copy protection: Adobe-DRM (Digital Rights Management)
System requirements:
- Computer (Windows; MacOS X; Linux): Install the free reader Adobe Digital Editions prior to download (see eBook Help).
- Tablet/smartphone (Android; iOS): Install the free app Adobe Digital Editions or the app PocketBook before downloading (see eBook Help).
- E-reader: Bookeen, Kobo, Pocketbook, Sony, Tolino and many more (not Kindle).
The file format ePUB works well for novels and non-fiction books – i.e., "flowing" text without complex layout. On an e-reader or smartphone, line and page breaks automatically adjust to fit the small displays.
This eBook uses Adobe-DRM, a "hard" copy protection. If the necessary requirements are not met, unfortunately you will not be able to open the eBook. You will therefore need to prepare your reading hardware before downloading.
Please note: We strongly recommend that you authorise using your personal Adobe ID after installation of any reading software.
For more information, see our eBook Help page.
File format: ePUB
Copy protection: without DRM (Digital Rights Management)
System requirements:
- Computer (Windows; MacOS X; Linux): Use a reader that can handle the file format ePUB, such as Adobe Digital Editions or FBReader – both free (see eBook Help).
- Tablet/Smartphone (Android; iOS): Install the free app Adobe Digital Editions or the app PocketBook (see eBook Help).
- E-reader: Bookeen, Kobo, Pocketbook, Sony, Tolino and many more (not Kindle).
The file format ePUB works well for novels and non-fiction books – i.e., 'flowing' text without complex layout. On an e-reader or smartphone, line and page breaks automatically adjust to fit the small displays.
This eBook does not use copy protection or Digital Rights Management.
For more information, see our eBook Help page.