Sponsored by Keepnet Labs

Cybersecurity Book Review by Government Technology -April 2020

Cybersecurity Book Review by Government Technology

Cybersecurity – Attack and Defense Strategies

This second edition book provides a great cybersecurity overview for technology and security professionals as well as a needed comprehensive guide for new cyber pros entering the security field.

BY DAN LOHRMANN APRIL 25, 2020 As published at Government Technology 

I am often asked to recommend a book that does a good (or great) job at covering the cybersecurity disciplines, problems and solutions from an academic perspective. Many people are looking for a comprehensive look at current technology basics, cutting-edge terminologies, new and old (but still working) approaches and more.

Going further, how does one systematically address cyberthreats, build a cybersecurity program, and maintain ongoing cyberdefenses?

I agreed to review Cybersecurity – Attack and Defense Strategies (Second Edition) because the book offered the promise of all of the above. This excellent book did not disappoint, and I highly recommend it for those looking for a comprehensive (610 pages) manual with a great index of terms at the end.

Here’s what you will learn:

  • The importance of having a solid foundation for your security posture
  • Use the cybersecurity kill chain to understand the attacks strategy
  • Boost your organization’s cyber resilience by improving your security policies, hardening your network, implementing active sensors, and leveraging threat intelligence
  • Utilize the latest defense tool, including Azure Sentinel and the Zero Trust Network strategy
  • Identify different types of cyberattacks such as SQL injection, and social engineering threats such as phishing emails
  • Perform an incident investigation using Azure Security Center and Azure Sentinel
  • Get an in-depth understanding of the disaster recovery process
  • Understand how to consistently monitor security and implement a vulnerability management strategy for on-premises and hybrid cloud
  • Learn how to perform log analysis using the cloud to identify suspicious activities including logs from Amazon Web Services and Azure

Dan Lohrmann Review

If you are looking for a book offering comprehensive coverage of cybersecurity, “Cybersecurity – Attack and Defense Strategies” is an excellent choice. It covers both offensive and defensive cyber strategies in a wide manner. Each of the sections could probably be a book of their own if the authors decide to do a deeper dive. Nevertheless, the essential topics are covered to address the named topics listed above.

The book also covers differing perspectives for various professional roles from managers to executives to the front-line analysts who use cybertools. The authors clearly know the material well, and both have written several other technical books. This is not a book with numerous cyber “war stories” regarding front-line battles and intriguing security narratives. Other (less-technical) books offer better personal cyber career stories.

Nevertheless, if you are a novice or an experience security professional, there is always more to learn. This book offers cyber coverage of topics that you may not address on a day-to-day basis, but need to cover occasionally. I really like the index of terms in the back for this purpose.

Overall, I give this book 5 stars for the comprehensive coverage of so much important cybersecurity material. I would not be surprised to see this as a cybersecurity text book at some universities.

 

You can order the book right from the below link :

Order From Amazon

Order From Packt Publishing

To Read more about the book

https://www.erdalozkaya.com/best-cybersecurity-books-to-read/

Cybersecurity Book Review by Government Technology

 

Cybersecurity – Attack and Defense Strategies – Second Edition:

Counter modern threats and employ state-of-the-art tools and techniques to protect your organization against cybercriminals

Updated and revised edition of the bestselling guide to developing defense strategies against the latest threats to cybersecurity

Key Features

  • Covers the latest security threats and defense strategies for 2020
  • Introduces techniques and skillsets required to conduct threat hunting and deal with a system breach
  • Provides new information on Cloud Security Posture Management, Microsoft Azure Threat Protection, Zero Trust Network strategies, Nation State attacks, the use of Azure Sentinel as a cloud-based SIEM for logging and investigation, and much more

Book Description

Cybersecurity – Attack and Defense Strategies, Second Edition is a completely revised new edition of the bestselling book, covering the very latest security threats and defense mechanisms including a detailed overview of Cloud Security Posture Management (CSPM) and an assessment of the current threat landscape, with additional focus on new IoT threats and cryptomining.

Cybersecurity starts with the basics that organizations need to know to maintain a secure posture against outside threat and design a robust cybersecurity program. It takes you into the mindset of a Threat Actor to help you better understand the motivation and the steps of performing an actual attack – the Cybersecurity kill chain. You will gain hands-on experience in implementing cybersecurity using new techniques in reconnaissance and chasing a user’s identity that will enable you to discover how a system is compromised, and identify and then exploit the vulnerabilities in your own system.

This book also focuses on defense strategies to enhance the security of a system. You will also discover in-depth tools, including Azure Sentinel, to ensure there are security controls in each network layer, and how to carry out the recovery process of a compromised system.

What you will learn

  • The importance of having a solid foundation for your security posture
  • Use cyber security kill chain to understand the attack strategy
  • Boost your organization’s cyber resilience by improving your security policies, hardening your network, implementing active sensors, and leveraging threat intelligence
  • Utilize the latest defense tools, including Azure Sentinel and Zero Trust Network strategy
  • Identify different types of cyberattacks, such as SQL injection, malware and social engineering threats such as phishing emails
  • Perform an incident investigation using Azure Security Center and Azure Sentinel
  • Get an in-depth understanding of the disaster recovery process
  • Understand how to consistently monitor security and implement a vulnerability management strategy for on-premises and hybrid cloud
  • Learn how to perform log analysis using the cloud to identify suspicious activities, including logs from Amazon Web Services and Azure

Who This Book Is For

For the IT professional venturing into the IT security domain, IT pentesters, security consultants, or those looking to perform ethical hacking. Prior knowledge of penetration testing is beneficial.

Share this post

Leave a Reply

Your email address will not be published. Required fields are marked *