COVID-19 Update: We are currently shipping orders daily. However, due to transit disruptions in some geographies, deliveries may be delayed. To provide all customers with timely access to content, we are offering 50% off Science and Technology Print & eBook bundle options. Terms & conditions.
Advanced Persistent Threat - 1st Edition - ISBN: 9781597499491, 9781597499552

Advanced Persistent Threat

1st Edition

Understanding the Danger and How to Protect Your Organization

Author: Eric Cole
Paperback ISBN: 9781597499491
eBook ISBN: 9781597499552
Imprint: Syngress
Published Date: 13th November 2012
Page Count: 320
Sales tax will be calculated at check-out Price includes VAT/GST
Price includes VAT/GST

Institutional Subscription

Secure Checkout

Personal information is secured with SSL technology.

Free Shipping

Free global shipping
No minimum order.


The newest threat to security has been categorized as the Advanced Persistent Threat or APT. The APT bypasses most of an organization’s current security devices, and is typically carried out by an organized group, such as a foreign nation state or rogue group with both the capability and the intent to persistently and effectively target a specific entity and wreak havoc. Most organizations do not understand how to deal with it and what is needed to protect their network from compromise. In Advanced Persistent Threat: Understanding the Danger and How to Protect your Organization Eric Cole discusses the critical information that readers need to know about APT and how to avoid being a victim.

Advanced Persistent Threat is the first comprehensive manual that discusses how attackers are breaking into systems and what to do to protect and defend against these intrusions.

Key Features

  • How and why organizations are being attacked
  • How to develop a "Risk based Approach to Security"
  • Tools for protecting data and preventing attacks
  • Critical information on how to respond and recover from an intrusion
  • The emerging threat to Cloud based networks


IT Security Professionals (Security Auditors, Security Engineers, Compliance Specialists, etc.), IT Professionals (Network Administrators, IT Managers, Security Managers, Security Analysts, Directors of Security, etc.)

Table of Contents


Author Biography


Section I. Understanding the Problem

Chapter 1. The Changing Threat


The Current Landscape

Organizations View on Security

You will be Compromised

The Cyber ShopLifter

The New Defense in Depth

Proactive vs Reactive

Loss of Common Sense

It is All About Risk

What Was In Place?

Pain Killer Security

Reducing the Surface Space

HTML Embedded Email

Buffer Overflows

Macros in Office Documents

The Traditional Threat

Common Cold

Reactive Security


The Emerging Threat

APT—Cyber Cancer

Advanced Persistent Threat (APT)

APT—Stealthy, Targeted, and Data Focused

Characteristics of the APT

Defending Against the APT

APT vs Traditional Threat

Sample APT Attacks

APT Multi-Phased Approach


Chapter 2. Why are Organizations Being Compromised?


Doing Good Things and Doing the Right Things

Security is Not Helpless

Beyond Good or Bad

Attackers are in Your Network

Proactive, Predictive, and Adaptive

Example of How to Win

Data Centric Security

Money Does Not Equal Security

The New Approach to APT

Selling Security to Your Executives

Top Security Trends


Chapter 3. How are Organizations Being Compromised?


What are Attackers After?

Attacker Process




Create Backdoors

Cover Their Tracks

Compromising a Server

Compromising a Client

Insider Threat

Traditional Security


Dropped Packets

InBound Prevention and OutBound Detection

Intrusion Detection


Chapter 4. Risk-Based Approach to Security


Products vs. Solutions

Learning from the Past

What is Risk?

Focused Security

Formal Risk Model

Insurance Model

Calculating Risk


Section II. Emerging Trends

Chapter 5. Protecting Your Data


Data Discovery

Protected Enclaves

Everything Starts with Your Data


Data Classification


Types of Encryption

Goals of Encryption

Data at Rest

Data at Motion

Encryption—More Than You Bargained For

Network Segmentation and De-Scoping

Encryption Free Zone


Chapter 6. Prevention is Ideal but Detection is a Must


Inbound Prevention

Outbound Detection

Network vs. Host

Making Hard Decisions

Is AV/Host Protection Dead?


Chapter 7. Incident Response: Respond and Recover


The New Rule

Suicidal Mindset

Incident Response

Events/Audit Trails

Sample Incidents

6-Step Process

Forensic Overview


Chapter 8. Technologies for Success


Integrated Approach to APT

How Bad is the Problem?

Trying to Hit a Moving Target

Finding the Needle in the Haystack

Understand What You Have

Identifying APT

Minimizing the Problem

End to End Solution for the APT


Section III. The Future and How to Win

Chapter 9. The Changing Landscape: Cloud and Mobilization


You Cannot Fight the Cloud

Is the Cloud Really New?

What is the Cloud?

Securing the Cloud

Reducing Cloud Computing Risks

Mobilization—BYOD (Bring Your Own Device)

Dealing with Future Technologies


Chapter 10. Proactive Security and Reputational Ranking


Facing Reality

Predicting Attacks to Become Proactive

Changing How You Think About Security

The Problem has Changed

The APT Defendable Network


Chapter 11. Focusing in on the Right Security


What is the Problem That is Being Solved?

If the Offense Knows More Than the Defense You Will Loose

Enhancing User Awareness

Virtualized Sandboxing


White Listing


Chapter 12. Implementing Adaptive Security


Focusing on the Human

Focusing on the Data

Game Plan

Prioritizing Risks

Key Emerging Technologies

The Critical Controls




No. of pages:
© Syngress 2013
13th November 2012
Paperback ISBN:
eBook ISBN:

About the Author

Eric Cole

Dr. Eric Cole is an industry recognized security expert, technology visionary and scientist, with over 15 year’s hands-on experience. Dr. Cole currently performs leading edge security consulting and works in research and development to advance the state of the art in information systems security. Dr. Cole has over a decade of experience in information technology, with a focus on perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. Dr. Cole has a Masters in Computer Science from NYIT, and Ph.D. from Pace University with a concentration in Information Security. Dr. Cole is the author of several books to include Hackers Beware, Hiding in Plain Site, Network Security Bible and Insider Threat. He is also the inventor of over 20 patents and is a researcher, writer, and speaker for SANS Institute and faculty for The SANS Technology Institute, a degree granting institution.

Affiliations and Expertise

Independant network security consultant and speaker, USA


"Cole explains why advanced persistence threats are able to bypass security measures on many large computer systems and recommends how to protect an organization's data from these well-organized attackers." --Reference and Research Book News, August 2013

"This book should come in handy to anyone who's tasked with protecting an organization's networks… definitely worth it, as it is clear, concise, and thought provoking.", February 2013

Ratings and Reviews