Book description
If you’re a security or network professional, you already know the “do’s and don’ts”: run AV software and firewalls, lock down your systems, use encryption, watch network traffic, follow best practices, hire expensive consultants . . . but it isn’t working. You’re at greater risk than ever, and even the world’s most security-focused organizations are being victimized by massive attacks.
In Thinking Security, author Steven M. Bellovin provides a new way to think about security. As one of the world’s most respected security experts, Bellovin helps you gain new clarity about what you’re doing and why you’re doing it. He helps you understand security as a systems problem, including the role of the all-important human element, and shows you how to match your countermeasures to actual threats. You’ll learn how to move beyond last year’s checklists at a time when technology is changing so rapidly.
You’ll also understand how to design security architectures that don’t just prevent attacks wherever possible, but also deal with the consequences of failures. And, within the context of your coherent architecture, you’ll learn how to decide when to invest in a new security product and when not to.
Bellovin, co-author of the best-selling Firewalls and Internet Security, caught his first hackers in 1971. Drawing on his deep experience, he shares actionable, up-to-date guidance on issues ranging from SSO and federated authentication to BYOD, virtualization, and cloud security.
Perfect security is impossible. Nevertheless, it’s possible to build and operate security systems far more effectively. Thinking Security will help you do just that.
Table of contents
- About This eBook
- Title Page
- Copyright Page
- Dedication Page
- Contents
- Preface
- Part I: Defining the Problem
-
Part II: Technologies
- Chapter 4. Antivirus Software
- Chapter 5. Firewalls and Intrusion Detection Systems
- Chapter 6. Cryptography and VPNs
-
Chapter 7. Passwords and Authentication
- 7.1 Authentication Principles
- 7.2 Passwords
- 7.3 Storing Passwords: Users
- 7.4 Password Compromise
- 7.5 Forgotten Passwords
- 7.6 Biometrics
- 7.7 One-Time Passwords
- 7.8 Cryptographic Authentication
- 7.9 Tokens and Mobile Phones
- 7.10 Single-Sign-On and Federated Authentication
- 7.11 Storing Passwords: Servers
- 7.12 Analysis
- Chapter 8. PKI: Public Key Infrastructures
- Chapter 9. Wireless Access
- Chapter 10. Clouds and Virtualization
- Part III: Secure Operations
- Part IV: The Future
- References
- Index
- Credits
- Colophon
- Code Snippets
Product information
- Title: Thinking Security: Stopping Next Year’s Hackers
- Author(s):
- Release date: November 2015
- Publisher(s): Addison-Wesley Professional
- ISBN: 9780134278223
You might also like
book
Inside Network Security Assessment: Guarding Your IT Infrastructure
As an IT professional, you need to know how to perform network security assessments. Inside Network …
book
Kali Linux – Assuring Security by Penetration Testing
With Kali Linux you can test the vulnerabilities of your network and then take steps to …
book
Security Intelligence: A Practitioner's Guide to Solving Enterprise Security Challenges
Similar to unraveling a math word problem, Security Intelligence: A Practitioner's Guide to Solving Enterprise Security …
book
Network Vulnerability Assessment
Build a network security threat model with this comprehensive learning guide Key Features Develop a network …