عنوان

Professional Red teaming :

(Number (ISBN

1484243099

(Number (ISBN

1484243102

(Number (ISBN

9781484243091

(Number (ISBN

9781484243107

Erroneous ISBN

1484243080

Erroneous ISBN

9781484243084

Title Proper

Professional Red teaming :

General Material Designation

[Book]

Other Title Information

conducting successful cybersecurity engagements /

First Statement of Responsibility

Jacob G. Oakley.

Place of Publication, Distribution, etc.

[Berkeley, CA] :

Name of Publisher, Distributor, etc.

Apress,

Date of Publication, Distribution, etc.

2019.

Specific Material Designation and Extent of Item

1 online resource

Text of Note

Includes index.

Text of Note

Intro; Table of Contents; About the Author; About the Technical Reviewer; Acknowledgments; Introduction; Chapter 1: Red Teams in Cyberspace; Intentions; Advantages; Evaluating Preparedness; Evaluating Defenses; Evaluating Monitoring; Evaluating Responses; Disadvantages; Summary; Chapter 2: Why Human Hackers?; Innovation and Automation; Modeling Technology; Nonpivot Technology; Pivoting and Exploiting Technology; Automation Advantages and Disadvantages; Advantages; Disadvantages; Active; Passive; Example Scenarios; Scenario 1; Scenario 2; Scenario 3; Scenario 4; Threat Hunting; Summary

Text of Note

CAPTR TeamingWorst-case Risk Analysis and Scoping; Critical Initialization Perspective; Reverse Pivot Chaining; Contrast; Zero Day; Insider Threats; Efficiency; Introduced Risk; Disadvantages; Summary; Chapter 10: Outcome-oriented Scoping; Worst-case Risk Assessment; The Right Stuff; Operational Personnel; Technical Personnel; Assessor Personnel; Example Scope; Centrality Analysis; Summary; Chapter 11: Initialization Perspectives; External Initialization Perspective; DMZ Initialization Perspective; Internal Initialization Perspective; Critical Initialization Perspective

Text of Note

Chapter 3: The State of Modern Offensive SecurityThe Challenge of Advanced Persistent Threats; More Capable; More Time; Infinite Scope; No Rules of Engagement; Environmental Challenges; Regulatory Standards; Limited Innovation; Misconceptions; Adversarial Customers; Technical Personnel; Managerial Personnel; User Personnel; Personnel Conclusion; Effective Red Team Staffing; Summary; Chapter 4: Shaping; Who; Customer Technical Personnel; Customer Operational Personnel; Provider Technical Personnel; Provider Operational Personnel; When; Preventing Incidents; Balancing Scope Attributes; What

Text of Note

Leaving the TargetExample Operational Notes; Summary; Chapter 7: Reporting; Necessary Inclusions; Types of Findings; Exploited Vulnerabilities; Nonexploited Vulnerabilities; Technical Vulnerabilities; Nontechnical Vulnerabilities; Documenting Findings; Findings Summaries; Individual Findings; Briefing; The No-Results Assessment; Summary; Chapter 8: Purple Teaming; Challenges; People Problems; Customer Needs; Types of Purple Teaming; Reciprocal Awareness; Unwitting Host; Unwitting Attacker; Red-Handed Testing; Catch and Release; The Helpful Hacker; Summary; Chapter 9: Counter-APT Red Teaming

Text of Note

Motivation of the AssessmentPrior Testing; Existing Security; Scope Footprint; Inorganic Constraints; Summary; Chapter 5: Rules of Engagement; Activity Types; Physical; Social Engineering; External Network; Internal Network; Pivoting; Wireless Network; Category; Escalation of Force; Incident Handling; Tools; Certification Requirements; Personnel Information; Summary; Chapter 6: Executing; Staffing; The Professional Hacker; Best Practices; Check the ROE; Acknowledge Activity; Operational Tradecraft; Operational Notes; Enumeration and Exploitation; Postaccess Awareness; System Manipulation

0

8

8

8

8

Text of Note

Use this unique book to leverage technology when conducting offensive security engagements. You will understand practical tradecraft, operational guidelines, and offensive security best practices as carrying out professional cybersecurity engagements is more than exploiting computers, executing scripts, or utilizing tools. Professional Red Teaming introduces you to foundational offensive security concepts. The importance of assessments and ethical hacking is highlighted, and automated assessment technologies are addressed. The state of modern offensive security is discussed in terms of the unique challenges present in professional red teaming. Best practices and operational tradecraft are covered so you feel comfortable in the shaping and carrying out of red team engagements. Anecdotes from actual operations and example scenarios illustrate key concepts and cement a practical understanding of the red team process. You also are introduced to counter advanced persistent threat red teaming (CAPTR teaming). This is a reverse red teaming methodology aimed at specifically addressing the challenges faced from advanced persistent threats (APTs) by the organizations they target and the offensive security professionals trying to mitigate them. What You'll Learn: Understand the challenges faced by offensive security assessments Incorporate or conduct red teaming to better mitigate cyber threats Initiate a successful engagement Get introduced to counter-APT red teaming (CAPTR) Evaluate offensive security processes.

Source for Acquisition/Subscription Address

Springer Nature

Stock Number

com.springer.onix.9781484243091

Title

Professional Red teaming.

International Standard Book Number

9781484243084

Computer security.

Computer security.

COMPUTERS-- Security-- General.

COM-- 053000

UR

UR

Number

Edition

Class number

Oakley, Jacob G.

Date of Transaction

20200823032704.0

Cataloguing Rules (Descriptive Conventions))

pn

Electronic name

[Book]

Y