The newest threat to security has been categorized as the Advanced Persistent Threat or APT. The APT bypasses most of an organization’s current security devices, and is typically carried out by an organized group, such as a foreign nation state or rogue group with both the capability and the intent to persistently and effectively target a specific entity and wreak havoc. Most organizations do not understand how to deal with it and what is needed to protect their network from compromise. In Advanced Persistent Threat: Understanding the Danger and How to Protect your Organization, Eric Cole discusses the critical information that readers need to know about APT and how to avoid being a victim.
Advanced Persistent Threat is the first comprehensive manual that discusses how attackers are breaking into systems and what to do to protect and defend against these intrusions.
- How and why organizations are being attacked
- How to develop a "Risk-Based Approach to Security"
- Tools for protecting data and preventing attacks
- Critical information on how to respond and recover from an intrusion
- The emerging threat to cloud-based networks
IT Security Professionals (Security Auditors, Security Engineers, Compliance Specialists, etc.), IT Professionals (Network Administrators, IT Managers, Security Managers, Security Analysts, Directors of Security, etc.)
Section I. Understanding the Problem
Chapter 1. The Changing Threat
The Current Landscape
Organizations View on Security
You will be Compromised
The Cyber ShopLifter
The New Defense in Depth
Proactive vs Reactive
Loss of Common Sense
It is All About Risk
What Was In Place?
Pain Killer Security
Reducing the Surface Space
HTML Embedded Email
Macros in Office Documents
The Traditional Threat
The Emerging Threat
Advanced Persistent Threat (APT)
APT—Stealthy, Targeted, and Data Focused
Characteristics of the APT
Defending Against the APT
APT vs Traditional Threat
Sample APT Attacks
APT Multi-Phased Approach
Chapter 2. Why are Organizations Being Compromised?
Doing Good Things and Doing the Right Things
Security is Not Helpless
Beyond Good or Bad
Attackers are in Your Network
Proactive, Predictive, and Adaptive
Example of How to Win
Data Centric Security
Money Does Not Equal Security
The New Approach to APT
Selling Security to Your Executives
Top Security Trends
Chapter 3. How are Organizations Being Compromised?
What are Attackers After?
Cover Their Tracks
Compromising a Server
Compromising a Client
InBound Prevention and OutBound Detection
Chapter 4. Risk-Based Approach to Security
Products vs. Solutions
Learning from the Past
What is Risk?
Formal Risk Model
Section II. Emerging Trends
Chapter 5. Protecting Your Data
Everything Starts with Your Data
Types of Encryption
Goals of Encryption
Data at Rest
Data at Motion
Encryption—More Than You Bargained For
Network Segmentation and De-Scoping
Encryption Free Zone
Chapter 6. Prevention is Ideal but Detection is a Must
Network vs. Host
Making Hard Decisions
Is AV/Host Protection Dead?
Chapter 7. Incident Response: Respond and Recover
The New Rule
Chapter 8. Technologies for Success
Integrated Approach to APT
How Bad is the Problem?
Trying to Hit a Moving Target
Finding the Needle in the Haystack
Understand What You Have
Minimizing the Problem
End to End Solution for the APT
Section III. The Future and How to Win
Chapter 9. The Changing Landscape: Cloud and Mobilization
You Cannot Fight the Cloud
Is the Cloud Really New?
What is the Cloud?
Securing the Cloud
Reducing Cloud Computing Risks
Mobilization—BYOD (Bring Your Own Device)
Dealing with Future Technologies
Chapter 10. Proactive Security and Reputational Ranking
Predicting Attacks to Become Proactive
Changing How You Think About Security
The Problem has Changed
The APT Defendable Network
Chapter 11. Focusing in on the Right Security
What is the Problem That is Being Solved?
If the Offense Knows More Than the Defense You Will Lose
Enhancing User Awareness
Chapter 12. Implementing Adaptive Security
Focusing on the Human
Focusing on the Data
Key Emerging Technologies
The Critical Controls
- © Syngress 2013
- 13th November 2012
Dr. Eric Cole is an industry-recognized security expert, technology visionary and scientist, with over 15 years' hands-on experience. Dr. Cole currently performs leading-edge security consulting and works in research and development to advance the state of the art in information systems security. Dr. Cole has over a decade of experience in information technology, with a focus on perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. Dr. Cole has a Master's in Computer Science from NYIT, and a Ph.D. from Pace University with a concentration in Information Security. Dr. Cole is the author of several books, including Hackers Beware, Hiding in Plain Sight, Network Security Bible and Insider Threat. He is also the inventor of over 20 patents and is a researcher, writer, and speaker for SANS Institute and faculty for The SANS Technology Institute, a degree-granting institution.
Independent network security consultant and speaker, USA
"Cole explains why advanced persistence threats are able to bypass security measures on many large computer systems and recommends how to protect an organization's data from these well-organized attackers." --Reference and Research Book News, August 2013
"This book should come in handy to anyone who's tasked with protecting an organization's networks… definitely worth it, as it is clear, concise, and thought provoking." --HelpNetSecurity.com, February 2013