The last chapter, you learned about the incident response process and how it fits into the overall enhancement of a company's security posture. Now it is time to start thinking as an attacker and understand the rationale, the motivation, and the steps of performing an attack. We call this the cybersecurity kill chain, which is something that we briefly covered in Chapter 1, Secure Posture. Today, the most advanced cyber-attacks are reported to involve intrusions inside a target's network that last a long time before doing damage or being discovered. This reveals a unique characteristic of today's attackers: they have an astounding ability to remain undetected until the time is right. This means that they operate on well-structured and scheduled plans. The precision of their attacks has been under study and has revealed...

Cybersecurity - Attack and Defense Strategies
By :

Cybersecurity - Attack and Defense Strategies
By:
Overview of this book
The book will start talking about the security posture before moving to Red Team tactics, where you will learn the basic syntax for the Windows and Linux tools that are commonly used to perform the necessary operations. You will also gain hands-on experience of using new Red Team techniques with powerful tools such as python and PowerShell, which will enable you to discover vulnerabilities in your system and how to exploit them. Moving on, you will learn how a system is usually compromised by adversaries, and how they hack user's identity, and the various tools used by the Red Team to find vulnerabilities in a system.
In the next section, you will learn about the defense strategies followed by the Blue Team to enhance the overall security of a system. You will also learn about an in-depth strategy to ensure that there are security controls in each network layer, and how you can carry out the recovery process of a compromised system. Finally, you will learn how to create a vulnerability management strategy and the different techniques for manual log analysis.
Table of Contents (18 chapters)
Preface
Security Posture
Incident Response Process
Understanding the Cybersecurity Kill Chain
Reconnaissance
Compromising the System
Chasing a User's Identity
Lateral Movement
Privilege Escalation
Security Policy
Network Segmentation
Active Sensors
Threat Intelligence
Investigating an Incident
Recovery Process
Vulnerability Management
Log Analysis
Other Books You May Enjoy
How would like to rate this book
Customer Reviews