Building an Intelligence-Led Security Program

1st Edition

Authors: Allan Liska
eBook ISBN: 9780128023709
Paperback ISBN: 9780128021453
Imprint: Syngress
Published Date: 5th December 2014
Page Count: 200

Description

As recently as five years ago, securing a network meant putting in a firewall, intrusion detection system, and installing antivirus software on the desktop. Unfortunately, attackers have grown more nimble and effective, meaning that traditional security programs are no longer effective.

Today's effective cyber security programs take these best practices and overlay them with intelligence. Adding cyber threat intelligence can help security teams uncover events not detected by traditional security platforms and correlate seemingly disparate events across the network. Properly-implemented intelligence also makes the life of the security practitioner easier by helping him more effectively prioritize and respond to security incidents.

The problem with current efforts is that many security practitioners don't know how to properly implement an intelligence-led program, or are afraid that it is out of their budget. Building an Intelligence-Led Security Program is the first book to show how to implement an intelligence-led program in your enterprise on any budget. It will show you how to implement a security information and event management system, collect and analyze logs, and practice real cyber threat intelligence. You'll learn how to understand your network in-depth so that you can protect it in the best possible way.

Key Features

  • Provides a roadmap and direction on how to build an intelligence-led information security program to protect your company.
  • Learn how to understand your network through logs and client monitoring, so you can effectively evaluate threat intelligence.
  • Learn how to use popular tools such as BIND, Snort, Squid, STIX, TAXII, CybOX, and Splunk to conduct network intelligence.

Readership

IT security professionals like security auditors, security engineers, compliance specialists, etc.; IT professionals like network administrators, IT managers, security managers, security analysts, directors of security, etc.

Table of Contents

  • Dedication
  • Introduction
  • About the Author
  • About the Technical Editor
  • Acknowledgments
  • Chapter 1: Understanding the threat
    • Abstract
    • Introduction
    • A brief of history of network security
    • Understanding the current threat
    • The coming threats
    • Conclusion
  • Chapter 2: What is intelligence?
    • Abstract
    • Introduction
    • Defining intelligence
    • The intelligence cycle
    • Types of intelligence
    • The professional analyst
    • Denial and deception
    • Intelligence throughout the ages
    • Conclusion
  • Chapter 3: Building a network security intelligence model
    • Abstract
    • Introduction
    • Defining cyber threat intelligence
    • The anatomy of an attack
    • Approaching cyber attacks differently
    • Incorporating the intelligence lifecycle into security workflow
    • Automation
    • Conclusion
  • Chapter 4: Gathering data
    • Abstract
    • Introduction
    • The continuous monitoring framework
    • NIST cybersecurity framework
    • Security + intelligence
    • The business side of security
    • Planning a phased approach
    • Conclusion
  • Chapter 5: Internal intelligence sources
    • Abstract
    • Introduction
    • Asset, vulnerability, and configuration management
    • Network logging
    • Network monitoring
    • Conclusion
  • Chapter 6: External intelligence sources
    • Abstract
    • Introduction
    • Brand monitoring versus intelligence
    • Asset, vulnerability, and configuration management
    • Network logging
    • Network monitoring
    • Protecting against zero-day attacks
    • Incident response and intelligence
    • Collaborative research into threats
    • Conclusion
  • Chapter 7: Fusing internal and external intelligence
    • Abstract
    • Introduction
    • Security awareness training
    • OpenIOC, CyBOX, STIX, and TAXII
    • Threat intelligence management platforms
    • Big data security analytics
    • Conclusion
  • Chapter 8: CERTs, ISACs, and intelligence-sharing communities
    • Abstract
    • Introduction
    • CERTs and CSIRTs
    • ISACs
    • Intelligence-sharing communities
    • Conclusion
  • Chapter 9: Advanced intelligence capabilities
    • Abstract
    • Introduction
    • Malware analysis
    • Honeypots
    • Intrusion deception
    • Conclusion
  • Index

Details

No. of pages: 200
Language: English
Copyright: © Syngress 2015
Published:
Imprint: Syngress
eBook ISBN: 9780128023709
Paperback ISBN: 9780128021453

About the Author

Allan Liska

Allan Liska has more than 15 years of experience in the world of information security. Mr. Liska has worked both as a security practitioner and an ethical hacker, so he is familiar with both sides of the security aisle and, through his work at Symantec and iSIGHT Partners, has helped countless organizations improve their security posture using more effective intelligence.

In addition to security experience, Mr. Liska also authored the book The Practice of Network Security and contributed the security-focused chapters to The Apache Administrators Handbook.

Affiliations and Expertise

Allan Liska, security practitioner, Symantec and iSIGHT.