Security Operations in Practice
by Mike Sheward
- Length: 251 pages
- Edition: 1
- Language: English
- Publisher: BCS
- Publication Date: 2020-02-29
- ISBN-10: 178017506X
- ISBN-13: 9781780175065
- Sales Rank: #4901402
Security operations departments are growing in importance and recognition; they are responsible for the secure day to day running of an organisation’s network, endpoint, application, identity and physical security controls. This book walks you through how to establish and grow a strong security operations team, including hiring the right people, knowing when to build a tool rather than buy, and crafting procedures that allow the team to detect and respond to a wide variety of security threats.
Contents:
- List of figures and tables
- About the author
- Foreword
- Acknowledgements
- Abbreviations
- Glossary
- Useful websites
- Preface
- 1. INTRODUCTION
  - What is security operations?
  - Blue and red
  - The blue team
  - The red team
  - Purple teams
  - How this book fits in
  - References
- 2. ESTABLISHING A SECURITY OPERATIONS TEAM
  - Hiring for security operations
  - Roles
  - Priorities and procedures
  - Putting it into practice
  - Summary
- PART I: BLUE TEAMS
- 3. MONITORING NETWORKS AND CLOUDS
  - Network fundamentals
  - Monitoring the network
  - The cloud
  - Summary
  - References
- 4. MANAGING ENDPOINT DEVICES
  - Endpoint types
  - Minimum equipment list
  - Endpoint hardening
  - Summary
  - References
- 5. PROTECTING DATA
  - Confidentiality, integrity and availability
  - Securing servers
  - Cloud storage
  - Database security
  - Backups
  - Summary
  - References
- 6. IDENTITY AND ACCESS MANAGEMENT
  - IAM terminology
  - Goals of IAM
  - IAM tools
  - Checks and balances
  - Summary
  - Reference
- 7. INCIDENT DETECTION AND RESPONSE
  - Security incident basics
  - Organisational structure
  - Security incident identification
  - On-call
  - First responders
  - The security operations centre
  - Digital forensics
  - Summary
  - Reference
- 8. VULNERABILITY MANAGEMENT
  - Building a programme
  - Evolution of vulnerability management
  - Summary
  - References
- 9. BUILDING RELATIONSHIPS AND TRUST
  - Trust within the enterprise
  - Trust outside the enterprise
  - Summary
- 10. BEYOND THE ENTERPRISE
  - Open-source intelligence
  - Social media monitoring
  - Employee safety
  - Summary
  - Reference
- PART II: RED TEAMS
- 11. RED TEAMING AND THREAT HUNTING
  - What is red teaming?
  - Building your red team
  - Penetration testing
  - Threat hunting
  - Summary
  - References
- 12. BUILDING BESPOKE TOOLS
  - Test automation
  - Exploitation tools
  - Social engineering tools
  - Reporting tools
  - Summary
  - References
- 13. PHYSICAL SECURITY
  - Physical security controls
  - Environmental security
  - Convergent physical security
  - Physical security testing
  - Summary
  - Reference
- 14. CONCLUSION
  - Security operations in a new age of security and privacy
  - Great power demands great people
  - The future of security operations
  - Never stop building
- Endnotes
- Index