This book is a little different from the ones I have been reading recently in that it is more general: it covers the whole cybersecurity umbrella, red and blue teaming and the like.
It's nice every now and then to read a book like this instead of the ones that are more like work, educational and reference books. This one IS educational, don't get me wrong, but it isn't based on one specific subject, so there's no real need to get the highlighters and post-it notes out for it, if you know what I mean.
What is the book about?
“Cybersecurity – Attack and Defense Strategies, Third Edition will bring you up to speed with the key aspects of threat assessment and security hygiene, the current threat landscape and its challenges, and how to maintain a strong security posture.
In this carefully revised new edition, you will learn about the Zero Trust approach and the initial Incident Response process. You will gradually become familiar with Red Team tactics, where you will learn basic syntax for commonly used tools to perform the necessary operations. You will also learn how to apply newer Red Team techniques with powerful tools. Simultaneously, Blue Team tactics are introduced to help you defend your system from complex cyber-attacks. This book provides a clear, in-depth understanding of attack/defense methods as well as patterns to recognize irregular behavior within your organization. Finally, you will learn how to analyze your network and address malware, while becoming familiar with mitigation and threat detection techniques.
By the end of this cybersecurity book, you will have discovered the latest tools to enhance the security of your system, learned about the security controls you need, and understood how to carry out each step of the incident response process.”
Who are the Authors?
Yuri Diogenes has a Master of Science in Cybersecurity Intelligence and Forensics Investigation from UTICA College, and is currently working on his PhD in Cybersecurity Leadership from Capitol Technology University. Yuri has been working at Microsoft since 2006 and, currently, he is a Principal PM Manager for the CxE Microsoft Defender for Cloud Team. Yuri has published a total of 26 books, mostly around information security and Microsoft technologies. Yuri is also a Professor at EC-Council University where he teaches at the Bachelor in Cybersecurity program. Yuri has an MBA and many IT/Security industry certifications, including CISSP, MITRE ATT&CK® Cyber Threat Intelligence Certified, E|CND, E|CEH, E|CSA, E|CHFI, CompTIA Security+, CySA+, Network+, CASP, and CyberSec First Responder.
Dr Erdal Ozkaya is known as a passionate, solutions-focused professional with a comprehensive, global background within the information technology, information security, and cybersecurity fields. He is committed to the delivery of accurate, accessible resources to inform individuals and organizations of cybersecurity and privacy matters in the internet age.
Erdal is a well-known public speaker, an award-winning technical expert, the author of more than 20 books, and a writer of certifications. Some of his recent awards are: Global Cybersecurity Leader of the year (InfoSec Awards), Best IT Blogs by Cisco (Top 5), Best CISO for Banking and Financial Sector, Top 50 Technology Leaders by IDC, and CIO Online & Microsoft Most Valuable Professional.
I genuinely had no idea who either of them was, but they are definitely skilled enough to be teaching this by the looks of it all.
Table of Contents
- Security Posture
- Incident Response Process
- What is a Cyber Strategy?
- Understanding the Cybersecurity Kill Chain in the age of Cyber Attacks
- Compromising the System
- Chasing a User’s Identity
- Lateral Movement
- Privilege Escalation
- Security Policy
- Network Segmentation
- Active Sensors
- Threat Intelligence
- Investigating an Incident
- Recovery Process
- Vulnerability Management
- Log Analysis
This is the third edition; the previous edition was released in 2019, prior to the pandemic. With the pandemic, we saw many changes in the threat landscape, so the authors reviewed and updated each chapter according to this new reality.
These updates include content on new trends related to security hygiene, the use of the MITRE ATT&CK framework (not only for threat detection but also to improve security posture), and new attacks and tools that have come out or been updated since they released the second edition.
This book is a comprehensive guide to the world of cybersecurity. The authors provide an in-depth look at the different types of attacks, defense strategies, and best practices for protecting networks, systems, and applications.
It starts with a discussion of the fundamentals of cybersecurity, then moves on to threats and vulnerabilities, and finally to countermeasures and defense strategies.
The authors provide detailed instructions on how to detect, respond to, and prevent a wide range of attacks, from the most sophisticated to the more mundane. In addition, the book provides guidance on how to ensure compliance with industry regulations, as well as discussions on current trends in the industry.
Overall, this book is an invaluable resource for anyone interested in cyber security. It provides a thorough overview of the subject, as well as detailed instructions for implementing the best practices for protecting networks, systems, and applications.
The authors' expertise and experience in the field are evident throughout the book, and the text is well organized and easy to follow. This book is an essential resource for anyone looking to develop a strong foundation in cyber security.