CHF47.00
Download available immediately
Similar to unraveling a math word problem, Security Intelligence: A Practitioner's Guide to Solving Enterprise Security Challenges guides you through a deciphering process that translates each security goal into a set of security variables, substitutes each variable with a specific security technology domain, formulates the equation that is the deployment strategy, then verifies the solution against the original problem by analyzing security incidents and mining hidden breaches, and ultimately refines the security formula iteratively in a perpetual cycle. You will learn about:
Secure proxies - the necessary extension of the endpoints
Application identification and control - visualize the threats
Malnets - where is the source of infection and who are the pathogens
Identify the security breach - who was the victim and what was the lure
Security in Mobile computing - SNAFU
With this book, you will be able to:
Identify the relevant solutions to secure the infrastructure
Construct policies that provide flexibility to the users so as to ensure productivity
Deploy effective defenses against the ever-evolving web threats
Implement solutions that are compliant with relevant rules and regulations
Offer insight to developers who are building new security solutions and products
Author
Qing Li is Chief Scientist and Vice President of Advanced Technologies for Blue Coat Systems, a worldwide provider of security and network systems. He has 17 issued patents, has received multiple industry awards and has been an active speaker at industry conferences and an active voice in the technology media around the world. Gregory Clark is currently the CEO of Blue Coat Systems, a worldwide provider of security and network systems.
Contents
Foreword
Preface
Chapter 1 Fundamentals of Secure Proxies
Security Must Protect and Empower Users
The Birth of Shadow IT
Internet of Things and Connected Consumer Appliances
Conventional Security Solutions
Traditional Firewalls: What Are Their Main Deficiencies?
Firewall with DPI: A Better Solution?
IDS/IPS and Firewall
Unified Threat Management and Next-Generation Firewall
Security Proxy - A Necessary Extension of the End Point
Transaction-Based Processing
The Proxy Architecture
SSL Proxy and Interception
Interception Strategies
Certificates and Keys
Certificate Pinning and OCSP Stapling
SSL Interception and Privacy
Summary
Chapter 2 Proxy Deployment Strategies and Challenges
Definitions of Proxy Types: Transparent Proxy and Explicit Proxy
Inline Deployment of Transparent Proxy: Physical Inline and Virtual Inline
Physical Inline Deployment
Virtual Inline Deployment
Traffic Redirection Methods: WCCP and PBR
LAN Port and WAN Port
Forward Proxy and Reverse Proxy
Challenges of Transparent Interception
Directionality of Connections
Maintaining Traffic Paths
Avoiding Interception
Asymmetric Traffic Flow Detection and Clustering
Proxy Chaining
Summary
Chapter 3 Proxy Policy Engine and Policy Enforcements
Policy System Overview
Conditions and Properties
Policy Transaction
Policy Ticket
Policy Updates and Versioning System
Security Implications
Policy System in the Cloud Security Operation
Policy Evaluation
Policy Checkpoint
Policy Execution Timing
Revisiting the Proxy Interception Steps
Enforcing External Policy Decisions
Summary
Chapter 4 Malware and Malware Delivery Networks
Cyber Warfare and Targeted Attacks
Espionage and Sabotage in Cyberspace
Industrial Espionage
Operation Aurora
Watering Hole Attack
Breaching the Trusted Third Party
Casting the Lures
Spear Phishing
Pharming
Cross-Site Scripting
Search Engine Poisoning
Drive-by Downloads and the Invisible iframe
Tangled Malvertising Networks
Malware Delivery Networks
Fast-Flux Networks
Explosion of Domain Names
Abandoned Sites and Domain Names
Antivirus Software and End-Point Solutions - The Losing Battle
Summary
Chapter 5 Malnet Detection Techniques
Automated URL Reputation System
Creating URL Training Sets
Extracting URL Feature Sets
Classifier Training
Dynamic Webpage Content Rating
Keyword Extraction for Category Construction
Keyword Categorization
Detecting Malicious Web Infrastructure
Detecting Exploit Servers through Content Analysis
Topology-Based Detection of Dedicated Malicious Hosts
Detecting C2 Servers
Detection Based on Download Similarities
Crawlers
Detecting Malicious Servers with a Honeyclient
High Interaction versus Low Interaction
Capture-HPC: A High-Interaction Honeyclient
Thug: A Low-Interaction Honeyclient
Evading Honeyclients
Summary
Chapter 6 Writing Policies
Overview of the ProxySG Policy Language
Scenarios...