Any good attacker will tell you that expensive security monitoring and prevention tools arenat enough to keep you secure. This practical book demonstrates a data-centric approach to distilling complex security monitoring, incident response, and threat analysis ideas into their most basic elements. Youall learn how to develop your own threat intelligence and incident detection strategy, rather than depend on security tools alone. Written by members of Ciscoas Computer Security Incident Response Team, this book shows IT and information security professionals how to create an InfoSec playbook by developing strategy, technique, and architecture. Learn incident response fundamentalsaand the importance of getting back to basics Understand threats you face and what you should be protecting Collect, mine, organize, and analyze as many relevant data sources as possible Build your own playbook of repeatable methods for security monitoring and response Learn how to put your plan into action and keep it running smoothly Select the right monitoring and detection tools for your environment Develop queries to help you sort through data and create valuable reports Know what actions to take during the incident response phaseThe amplification occurs when a relatively small request to a particular service from a spoofed source address ... Similar to the global calltoaction for email administrators in the 1990s shutting down spamming openmail relays, the widespread use and effect of reflective DDoS attacks has forced a global call to action for DNS administrators to identify and fix misconfigured Internet accessible DNS servers.
|Title||:||Crafting the InfoSec Playbook|
|Author||:||Jeff Bollinger, Brandon Enright, Matthew Valites|
|Publisher||:||"O'Reilly Media, Inc." - 2015-05-07|