Security intelligence : a practitioner's guide to solving enterprise security challenges / [electronic resource]

by Li, Qing [author.]; Clark, Gregory [author.].
Material type: Book
Publisher: Indianapolis, IN : Wiley, 2015.
Description: 1 online resource.
ISBN: 9781118896679; 111889667X; 9781118896662; 1118896661; 9781119183617; 1119183618; 1118896696; 9781118896693.
Subject(s): Electronic information resources -- Access control | Computer networks -- Security measures | Computer security | COMPUTERS / Internet / Security | COMPUTERS / Networking / Security | COMPUTERS / Security / General | Computer networks -- Security measures. World Wide Web -- Security measures | Computer science | Network security | Computer networks -- Security measures | Computer security | Electronic information resources -- Access control | Electronic books | Electronic books
Online resources: Wiley Online Library
Contents:
Security Intelligence: A Practitioner's Guide to Solving Enterprise Security Challenges; Contents; Foreword; Preface; Chapter 1 Fundamentals of Secure Proxies; Security Must Protect and Empower Users; The Birth of Shadow IT; Internet of Things and Connected Consumer Appliances; Conventional Security Solutions; Traditional Firewalls: What Are Their Main Deficiencies?; Firewall with DPI: A Better Solution?; IDS/IPS and Firewall; Unified Threat Management and Next-Generation Firewall; Security Proxy-A Necessary Extension of the End Point; Transaction-Based Processing; The Proxy Architecture;
SSL Proxy and Interception; Interception Strategies; Certificates and Keys; Certificate Pinning and OCSP Stapling; SSL Interception and Privacy; Summary; Chapter 2 Proxy Deployment Strategies and Challenges; Definitions of Proxy Types: Transparent Proxy and Explicit Proxy; Inline Deployment of Transparent Proxy: Physical Inline and Virtual Inline; Physical Inline Deployment; Virtual Inline Deployment; Traffic Redirection Methods: WCCP and PBR; LAN Port and WAN Port; Forward Proxy and Reverse Proxy; Challenges of Transparent Interception; Directionality of Connections; Maintaining Traffic Paths;
Avoiding Interception; Asymmetric Traffic Flow Detection and Clustering; Proxy Chaining; Summary; Chapter 3 Proxy Policy Engine and Policy Enforcements; Policy System Overview; Conditions and Properties; Policy Transaction; Policy Ticket; Policy Updates and Versioning System; Security Implications; Policy System in the Cloud Security Operation; Policy Evaluation; Policy Checkpoint; Policy Execution Timing; Revisiting the Proxy Interception Steps; Enforcing External Policy Decisions; Summary; Chapter 4 Malware and Malware Delivery Networks; Cyber Warfare and Targeted Attacks;
Espionage and Sabotage in Cyberspace; Industrial Espionage; Operation Aurora; Watering Hole Attack; Breaching the Trusted Third Party; Casting the Lures; Spear Phishing; Pharming; Cross-Site Scripting; Search Engine Poisoning; Drive-by Downloads and the Invisible iframe; Tangled Malvertising Networks; Malware Delivery Networks; Fast-Flux Networks; Explosion of Domain Names; Abandoned Sites and Domain Names; Antivirus Software and End-Point Solutions -- The Losing Battle; Summary; Chapter 5 Malnet Detection Techniques; Automated URL Reputation System; Creating URL Training Sets;
Extracting URL Feature Sets; Classifier Training; Dynamic Webpage Content Rating; Keyword Extraction for Category Construction; Keyword Categorization; Detecting Malicious Web Infrastructure; Detecting Exploit Servers through Content Analysis; Topology-Based Detection of Dedicated Malicious Hosts; Detecting C2 Servers; Detection Based on Download Similarities; Crawlers; Detecting Malicious Servers with a Honeyclient; High Interaction versus Low Interaction; Capture-HPC: A High-Interaction Honeyclient; Thug: A Low-Interaction Honeyclient; Evading Honeyclients; Summary; Chapter 6 Writing Policies
Summary: Identify, deploy, and secure your enterprise Security Intelligence, A Practitioner's Guide to Solving Enterprise Security Challenges is a handbook for security in modern times, against modern adversaries. As leaders in the design and creation of security products that are deployed globally across a range of industries and market sectors, authors Qing Li and Gregory Clark deliver unparalleled insight into the development of comprehensive and focused enterprise security solutions. They walk you through the process of translating your security goals into specific security technology domains, fo.
No physical items for this record

Includes bibliographical references and index.

Online resource; title from PDF title page (Ebsco, viewed April 13, 2015).

Last Updated on September 15, 2019
© Dhaka University Library. All Rights Reserved