Advanced Persistent Security - 1st Edition - ISBN: 9780128093160, 9780128093658

Advanced Persistent Security

1st Edition

A Cyberwarfare Approach to Implementing Adaptive Enterprise Protection, Detection, and Reaction Strategies

Authors: Ira Winkler, Araceli Treu Gomes
Paperback ISBN: 9780128093160
eBook ISBN: 9780128093658
Imprint: Syngress
Published Date: 22nd November 2016
Page Count: 260


Advanced Persistent Security covers secure network design and implementation, including authentication, authorization, data and access integrity, network monitoring, and risk assessment. Using such recent high-profile cases as Target, Sony, and Home Depot, the book explores information security risks, identifies the common threats organizations face, and presents tactics on how to prioritize the right countermeasures.

The book discusses concepts such as malignant versus malicious threats, adversary mentality, motivation, the economics of cybercrime, the criminal infrastructure, dark webs, and the criminals that organizations currently face.

Key Features

  • Contains practical and cost-effective recommendations for proactive and reactive protective measures
  • Teaches users how to establish a viable threat intelligence program
  • Focuses on how social networks present a double-edged sword against security programs


Security and network professionals tasked with designing and implementing information security programs

Table of Contents

Chapter 1. What Is Advanced Persistent Security?

  • Protection
  • Detection
  • Reaction
  • Defense in Depth
  • What is Advanced Persistent Security?
  • Advanced Persistent Threat and Advanced Persistent Security
  • Applying Advanced Persistent Security to the Sony Hack

Section 1. Concepts/Foundation


Chapter 2. Cyberwarfare Concepts

  • Confidentiality, Integrity, and Availability
  • Computer Network Attack
  • Computer Network Exploitation
  • Computer Network Defense

Chapter 3. What Is Proaction?

  • Kill Chain Basics
  • Changing the Game
  • Threat Hunting
  • Summary

Chapter 4. Risk Management

  • Death by 1000 Cuts
  • Understanding Risk
  • Risk Optimization Versus Risk Minimization
  • Practical Implementation
  • Getting the Budget You Need, Not the Budget You Deserve

Chapter 5. How to Hack Computers

  • Security Researchers
  • Two Ways to Hack a Computer or Other Technology
  • Technology Is Irrelevant

Chapter 6. Threat

  • Why Threats Are Important to Consider
  • Who Threats Versus What Threats
  • Malignant Threats Versus Malicious Threats
  • Adversary Categorization
  • Threat Summary

Chapter 7. Adversary Infrastructure

  • Highly Sophisticated Adversary Infrastructure
  • Deep/Dark Web
  • Tor
  • Bitcoin
  • Botnets
  • Ransomware
  • Security Researchers
  • Leased or Purchased Malware
  • Brokerage or Escrow of Data
  • Hackers for Hire
  • Encrypted Apps
  • Summary

Section 2. Protection


Chapter 8. Governance

  • The Importance of Security Policies, Standards, Guidelines, and Procedures
  • Standards
  • Policies
  • Procedures
  • Guidelines
  • Summary

Chapter 9. Vulnerabilities to Address

  • Operational Vulnerabilities
  • Personnel Vulnerabilities
  • Physical Vulnerabilities
  • Technical Vulnerabilities
  • Summary

Chapter 10. Countermeasures

  • Operational Countermeasures
  • Personnel Countermeasures
  • Physical Countermeasures
  • Technical Countermeasures
  • Summary

Chapter 11. Security Culture

  • What is Security Culture?
  • Forming a Security Culture
  • The ABCs of Behavior
  • Elements of a Security Awareness Program
  • Management Support
  • Summary

Chapter 12. What Is Threat Intelligence?

  • Types of Threat Intelligence
  • Threat Intelligence Platforms
  • Threat Intelligence Platform Capabilities
  • Summary

Section 3. Detection


Chapter 13. What Is Detection?

  • Prevention Is Insufficient
  • Lasting Damage Follows After Initial Compromise
  • Determine What Is to Be Detected
  • Determine where to Look
  • Enable the Detection Capabilities that you have
  • Human Intrusion Detection Systems
  • Summary

Chapter 14. Detection Deficit Disorder

  • What Is ADD?
  • What Is DDD?
  • Diagnosing DDD
  • Treating DDD
  • Summary

Chapter 15. The Human Intrusion Detection System

  • Perform Positive Outreach
  • If You See Something, Say Something
  • Knowing What to Look for
  • It's Better to Be Safe Than Sorry
  • Eliminate Punishments When Reporting Incidents
  • Implement Rewards for Detection
  • Knowing How to Report Things
  • Summary

Chapter 16. Kill Chain Analysis

  • Why the Kill Chain Is in Detection
  • What Is a Kill Chain?
  • The Cyber Kill Chain
  • Applying the Cyber Kill Chain to Detection
  • Applying the Kill Chain to Protection and Reaction
  • Summary

Section 4. Reaction


Chapter 17. Setting Reaction Strategy

  • Executive Support
  • Define Your Team
  • Define an Incident
  • Controls Success Versus Program Success
  • Metrics: A Tale of Two Lenses
  • Summary

Chapter 18. Incident Response and Investigations

  • Incident Response is Complicated
  • Proper Training
  • Order of Operations
  • The IR Imperative
  • Houston, We Have a Standard!
  • Response Readiness Assessment
  • Forensic Readiness
  • Summary

Section 5. Implementation


Chapter 19. Know Yourself

  • Is There Proper Governance in Place?
  • How Many People Are There in the Enterprise?
  • What Is the Range of Job Functions?
  • What Information Is Involved?
  • What Industry Are You in?
  • What Is Your Technology Posture?
  • Are There Special Technologies in Use?
  • Do You Understand Your Network?
  • Perform a Security Assessment
  • What Is Your Physical Security Posture?
  • How Is Data Transported?
  • Who Are Your Adversaries?
  • What Is the Security Posture of Similar Enterprises?
  • Summary

Chapter 20. Know Your Adversaries

  • List the Most Likely Threats
  • Detail the Likely Attack Strategies
  • Define Vulnerabilities to Be Exploited
  • Prioritize Vulnerabilities by Potential Loss and Likelihood to Be Exploited
  • Summary

Chapter 21. Define Your Strategy

  • Implement Proper Governance
  • Assess the Program in Place
  • Review Past Incidents
  • Determine Information and Other Resources
  • Review The Vulnerability Analysis
  • Create Potential Attack Scenarios
  • Summary

Chapter 22. Determining the Appropriate Countermeasures

  • Addressing Vulnerabilities
  • Evaluate the Completeness of Protection, Detection, and Reaction
  • Performing a Cost/Benefit Sanity Check
  • Summary

Chapter 23. Advanced Persistent Security

  • Adaptive Persistent Security
  • Summary


© Syngress 2017

About the Authors

Ira Winkler

Ira Winkler, CISSP, is President of the Internet Security Advisors Group. He is considered one of the world’s most influential security professionals, and has been named a “Modern Day James Bond” by the media. He obtained this status by identifying common trends in the way information and computer systems are compromised. He did this by performing penetration tests, in which he physically and technically “broke into” some of the largest companies in the world, by investigating crimes against them, and by telling them how to cost-effectively protect their information and computer infrastructure. He continues to perform these penetration tests, as well as assisting organizations in developing cost-effective security programs. Ira also won the Hall of Fame award from the Information Systems Security Association.

Ira is also author of the riveting, entertaining, and educational book, Spies Among Us. He is also a regular contributor to

Mr. Winkler began his career at the National Security Agency, where he served as an Intelligence and Computer Systems Analyst. He moved on to support other US and overseas government military and intelligence agencies. After leaving government service, he went on to serve as President of the Internet Security Advisors Group and Director of Technology of the National Computer Security Association. He was also on the Graduate and Undergraduate faculties of the Johns Hopkins University and the University of Maryland.

Mr. Winkler has also written the book Corporate Espionage, which has been described as the bible of the Information Security field, and the bestselling Through the Eyes of the Enemy. Both books address the threats that companies face protecting their information. He has also written over 100 professional and trade articles. He has been featured and frequently appears on TV on every continent. He has also been featured in magazines and newspapers including Forbes, USA Today, and Wall Street Journal.

Affiliations and Expertise

(CISSP), President, Internet Security Advisors Group; author of Spies Among Us

Araceli Treu Gomes

Araceli Treu Gomes is an Intelligence and Investigations Subject Matter Expert for Dell SecureWorks. She holds certifications in privacy and computer forensics, and serves on several cybersecurity industry boards. Araceli writes for Computerworld and CSO Magazine and is an active speaker at conferences around the world.

Affiliations and Expertise

Intelligence and Investigations Subject Manager, Dell SecureWorks


"...this book couldn’t be more topical…it provides those who are tasked to implement an organization’s security strategy with an easy-to-follow plan of action to cover – and keep covering – all their bases." --Help Net Security

"The authors propose methods for more adaptive and comprehensive approaches to information security…For those looking for a methodology to create a more robust information security program, Advanced Persistent Security is a valuable resource."
