Professional Red teaming : conducting successful cybersecurity engagements /: conducting successful cybersecurity engagements. (2019)
- Record Type:
- Book
- Title:
- Professional Red teaming : conducting successful cybersecurity engagements /: conducting successful cybersecurity engagements. (2019)
- Main Title:
- Professional Red teaming : conducting successful cybersecurity engagements
- Further Information:
- Note: Jacob G. Oakley.
- Authors:
- Oakley, Jacob G
- Contents:
- Intro; Table of Contents; About the Author; About the Technical Reviewer; Acknowledgments; Introduction; Chapter 1: Red Teams in Cyberspace; Intentions; Advantages; Evaluating Preparedness; Evaluating Defenses; Evaluating Monitoring; Evaluating Responses; Disadvantages; Summary; Chapter 2: Why Human Hackers?; Innovation and Automation; Modeling Technology; Nonpivot Technology; Pivoting and Exploiting Technology; Automation Advantages and Disadvantages; Advantages; Disadvantages; Active; Passive; Example Scenarios; Scenario 1; Scenario 2; Scenario 3; Scenario 4; Threat Hunting; Summary Chapter 3: The State of Modern Offensive SecurityThe Challenge of Advanced Persistent Threats; More Capable; More Time; Infinite Scope; No Rules of Engagement; Environmental Challenges; Regulatory Standards; Limited Innovation; Misconceptions; Adversarial Customers; Technical Personnel; Managerial Personnel; User Personnel; Personnel Conclusion; Effective Red Team Staffing; Summary; Chapter 4: Shaping; Who; Customer Technical Personnel; Customer Operational Personnel; Provider Technical Personnel; Provider Operational Personnel; When; Preventing Incidents; Balancing Scope Attributes; What Motivation of the AssessmentPrior Testing; Existing Security; Scope Footprint; Inorganic Constraints; Summary; Chapter 5: Rules of Engagement; Activity Types; Physical; Social Engineering; External Network; Internal Network; Pivoting; Wireless Network; Category; Escalation of Force; Incident Handling; Tools;Intro; Table of Contents; About the Author; About the Technical Reviewer; Acknowledgments; Introduction; Chapter 1: Red Teams in Cyberspace; Intentions; Advantages; Evaluating Preparedness; Evaluating Defenses; Evaluating Monitoring; Evaluating Responses; Disadvantages; Summary; Chapter 2: Why Human Hackers?; Innovation and Automation; Modeling Technology; Nonpivot Technology; Pivoting and Exploiting Technology; Automation Advantages and Disadvantages; Advantages; Disadvantages; Active; Passive; Example Scenarios; Scenario 1; Scenario 2; Scenario 3; Scenario 4; Threat Hunting; Summary Chapter 3: The State of Modern Offensive SecurityThe Challenge of Advanced Persistent Threats; More Capable; More Time; Infinite Scope; No Rules of Engagement; Environmental Challenges; Regulatory Standards; Limited Innovation; Misconceptions; Adversarial Customers; Technical Personnel; Managerial Personnel; User Personnel; Personnel Conclusion; Effective Red Team Staffing; Summary; Chapter 4: Shaping; Who; Customer Technical Personnel; Customer Operational Personnel; Provider Technical Personnel; Provider Operational Personnel; When; Preventing Incidents; Balancing Scope Attributes; What Motivation of the AssessmentPrior Testing; Existing Security; Scope Footprint; Inorganic Constraints; Summary; Chapter 5: Rules of Engagement; Activity Types; Physical; Social Engineering; External Network; Internal Network; Pivoting; Wireless Network; Category; Escalation of Force; Incident Handling; Tools; Certification Requirements; Personnel Information; Summary; Chapter 6: Executing; Staffing; The Professional Hacker; Best Practices; Check the ROE; Acknowledge Activity; Operational Tradecraft; Operational Notes; Enumeration and Exploitation; Postaccess Awareness; System Manipulation Leaving the TargetExample Operational Notes; Summary; Chapter 7: Reporting; Necessary Inclusions; Types of Findings; Exploited Vulnerabilities; Nonexploited Vulnerabilities; Technical Vulnerabilities; Nontechnical Vulnerabilities; Documenting Findings; Findings Summaries; Individual Findings; Briefing; The No-Results Assessment; Summary; Chapter 8: Purple Teaming; Challenges; People Problems; Customer Needs; Types of Purple Teaming; Reciprocal Awareness; Unwitting Host; Unwitting Attacker; Red-Handed Testing; Catch and Release; The Helpful Hacker; Summary; Chapter 9: Counter-APT Red Teaming CAPTR TeamingWorst-case Risk Analysis and Scoping; Critical Initialization Perspective; Reverse Pivot Chaining; Contrast; Zero Day; Insider Threats; Efficiency; Introduced Risk; Disadvantages; Summary; Chapter 10: Outcome-oriented Scoping; Worst-case Risk Assessment; The Right Stuff; Operational Personnel; Technical Personnel; Assessor Personnel; Example Scope; Centrality Analysis; Summary; Chapter 11: Initialization Perspectives; External Initialization Perspective; DMZ Initialization Perspective; Internal Initialization Perspective; Critical Initialization Perspective … (more)
- Publisher Details:
- Berkeley, CA : Apress
- Publication Date:
- 2019
- Extent:
- 1 online resource
- Subjects:
- 005.8
Computer security
COMPUTERS / Security / General
Electronic books
Electronic books - Languages:
- English
- ISBNs:
- 9781484243091
1484243099 - Related ISBNs:
- 9781484243084
1484243080 - Notes:
- Note: Online resource; title from PDF title page (SpringerLink, viewed March 13, 2019).
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library HMNTS - ELD.DS.396222
- Ingest File:
- 02_417.xml