Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

Cyberattacks continue to increase in volume and sophistication, targeting everything owned, managed, and serviced from the cloud. Today, there is widespread consensus—it is not a matter of if, but rather when an organization will be breached. Threat actors typically target the path of least resistance. With the accelerating adoption of cloud technologies and remote work, the path of least resistance is shifting in substantive ways. In recent years, attackers have realigned their efforts, focusing on remaining undetected, monetization after exploitation, and publicly shaming organizations after a breach. New, innovative, and useful products continue to emerge and offer some cloud protection, but they also have distinct limitations. No single, standalone solution or strategy can effectively protect against all cloud attack vectors or identify all malicious activity. The simple fact is that the cloud is based on a company’s assets being offered as services. As a result, the best security any organization can achieve is to establish controls and procedures in conjunction with services that are licensed in the cloud. Cloud Attack Vectors details the risks associated with cloud deployments, the techniques threat actors leverage, the empirically-tested defensive measures organizations should adopt, and shows how to improve detection of malicious activity. What You’ll Learn Know the key definitions pertaining to cloud technologies, threats, and cybersecurity solutions Understand how entitlements, permissions, rights, identities, accounts, credentials, and exploits can be leveraged to breach a cloud environment Implement defensive and monitoring strategies to mitigate cloud threats, including those unique to cloud and hybrid cloud environments Develop a comprehensive model for documenting risk, compliance, and reporting based on your cloud implementation.

Computer. Automation --- computerbeveiliging --- Cloud computing. --- Cloud computing --- Cyberterrorism. --- Security measures.

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

Use the guidance in this comprehensive field guide to gain the support of your top executives for aligning a rational cybersecurity plan with your business. You will learn how to improve working relationships with stakeholders in complex digital businesses, IT, and development environments. You will know how to prioritize your security program, and motivate and retain your team. Misalignment between security and your business can start at the top at the C-suite or happen at the line of business, IT, development, or user level. It has a corrosive effect on any security project it touches. But it does not have to be like this. Author Dan Blum presents valuable lessons learned from interviews with over 70 security and business leaders. You will discover how to successfully solve issues related to: risk management, operational security, privacy protection, hybrid cloud management, security culture and user awareness, and communication challenges. This open access book presents six priority areas to focus on to maximize the effectiveness of your cybersecurity program: risk management, control baseline, security culture, IT rationalization, access control, and cyber-resilience. Common challenges and good practices are provided for businesses of different types and sizes. And more than 50 specific keys to alignment are included. You will: Improve your security culture: clarify security-related roles, communicate effectively to businesspeople, and hire, motivate, or retain outstanding security staff by creating a sense of efficacy Develop a consistent accountability model, information risk taxonomy, and risk management framework Adopt a security and risk governance model consistent with your business structure or culture, manage policy, and optimize security budgeting within the larger business unit and CIO organization IT spend Tailor a control baseline to your organization’s maturity level, regulatory requirements, scale, circumstances, and critical assets Help CIOs, Chief Digital Officers, and other executives to develop an IT strategy for curating cloud solutions and reducing shadow IT, building up DevSecOps and Disciplined Agile, and more Balance access control and accountability approaches, leverage modern digital identity standards to improve digital relationships, and provide data governance and privacy-enhancing capabilities Plan for cyber-resilience: work with the SOC, IT, business groups, and external sources to coordinate incident response and to recover from outages and come back stronger Integrate your learnings from this book into a quick-hitting rational cybersecurity success plan.

Computer. Automation --- computerbeveiliging --- Data protection. --- Computer security. --- Computer networks --- Business enterprises --- Security measures.

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

Improve cloud security within your organization by leveraging AWS’s Shared Responsibility Model, Well-Architected Framework, and the Cloud Adoption Framework. This book will show you to use these tools to make the best decisions for securing your cloud environment. You’ll start by understanding why security is important in the cloud and then review the relevant services offered to meet an organization’s needs. You’ll then move on to the finer points of building a secure architecture and take a deep look into the differences of responsibility of managed services and those that allow customers more control. With multiple AWS services available, organizations must weigh the tradeoffs between those that provide granular control (IaaS), a managed service (PaaS), delivering applications remotely over the internet instead of locally on machines (SaaS). This book will help you to identify the appropriate resources and show you how to implement them to meet an organization’s business, technical, and security perspective in the Cloud Adoption Framework. Finally, you'll see how organizations can launch a secure and optimized cloud architecture and use monitoring tools to be proactive in security measures. With Beginning AWS Security, you'll understand frameworks, models, and the services needed to build a secure architecture. You will: Review the similarities and differences between cloud and traditional computing. See how security changes when using on-site, hybrid, and cloud models Develop an understanding that security is not “one and done” Reinforce the need for updates and monitoring as a continued part of AWS security.

Computer. Automation --- computerbeveiliging --- Cloud computing --- Service-oriented architecture (Computer science) --- Security measures. --- Amazon Web Services (Firm)

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

Operating systems (Computers) --- Security measures --- Management --- Security measures. --- Computer operating systems --- Computers --- Disk operating systems --- Systems software --- Operating systems --- Systèmes d'exploitation (Ordinateurs) --- Sécurité --- Mesures --- Gestion --- Systèmes d'exploitation (Ordinateurs) --- Sécurité

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

Take a friendly, non-technical approach to installing, configuring, and maintaining a web server for development and testing on Mac OS, Linux, and Windows. This new edition uses straightforward language to demystify the mechanics of the web, leading the reader through a complex topic via simple, iterative steps. The book reflects current, relevant Apache configurations and web application frameworks, and prepares the reader for working in professional web development environments. You'll begin by reviewing a brief history of Apache that focuses on the necessary foundation to understand what these web servers are and why they are used. You'll then install a basic Apache setup on your operating system that loads a static HTML file for display in a browser. Next you'll work through progressively more detailed configurations towards a modern, secure application development environment for the two most commonly implemented development frameworks: a PHP-based framework such as Laravel or a NodeJS application. In the end, Apache Essentials, second edition will show novice web developers and UX professionals how to quickly and confidently build and test their website changes safely and securely. You will: Install and configure Apache to support your development Support common development frameworks using specific configuration guides Set up a secure web server for testing Use logs for troubleshooting and why that’s important.

Computer. Automation --- websites --- software engineering --- Web servers --- Computer networks --- Computer programs. --- Security measures. --- Apache (Computer file : Apache Group)