Despite the increase of high-profile hacks, record-breaking data leaks, and ransomware attacks, many organizations don’t have the budget to establish or outsource an information security (InfoSec) program, forcing them to learn on the job. For companies obliged to improvise, this pragmatic guide provides a security-101 handbook with steps, tools, processes, and ideas to help you drive maximum-security improvement at little or no cost.
Each chapter in this book provides step-by-step instructions for dealing with a specific issue, including breaches and disasters, compliance, network infrastructure and password management, vulnerability scanning, and penetration testing, among others. Network engineers, system administrators, and security professionals will learn tools and techniques to help improve security in sensible, manageable chunks.
Learn fundamentals of starting or redesigning an InfoSec program
Create a base set of policies, standards, and procedures
Plan and design incident response, disaster recovery, compliance, and physical security
Bolster Microsoft and Unix systems, network infrastructure, and password management
Use segmentation practices and designs to compartmentalize your network
Explore automated process and tools for vulnerability management
Securely develop code to reduce exploitable errors
Understand basic penetration testing concepts through purple teaming
Delve into IDS, IPS, SOC, logging, and monitoring
Chapter 1Creating a Security Program
Lay the Groundwork
Baseline Security Posture
Assess Threats and Risks
Use Cases, Tabletops, and Drills
Expanding Your Team and Skillsets
Chapter 2Asset Management and Documentation
Asset Management Implementation Steps
Asset Management Guidelines
Storage and Communication
Chapter 4Standards and Procedures
Chapter 5User Education
Bridging the Gap
Building Your Own Program
Gaining Meaningful Metrics
Chapter 6Incident Response
Tools and Technology
Chapter 7Disaster Recovery
Invoking a Fail Over...and Back
Chapter 8Industry Compliance Standards and Frameworks
Industry Compliance Standards
Chapter 9Physical Security
Chapter 10Microsoft Windows Infrastructure
Active Directory Domain Services
Group Policy Objects
Chapter 11Unix Application Servers
Mobile Device Management
Chapter 13Password Management and Multifactor Authentication
Lee Brotherston is a Senior Security Advisor with Leviathan Security, providing Information Security consulting services to a range of clients. Having spent more than a decade in Information Security, Lee has worked as an Internal Security resource across many verticals including Finance, Telecommunications, Hospitality, Entertainment, and Government in roles ranging from Engineer to IT Security Manager.
Amanda Berlin is an Information Security Architect for a consulting firm in Northern Ohio. She has spent over a decade in different areas of technology and sectors providing infrastructure support, triage, and design. Amanda has been involved in implementing a secure Payment Card Industries (PCI) process and Health Insurance Portability and Accountability Act (HIPAA) compliance as well as building a comprehensive phishing and awards-based user education program. She is the author for a Blue Team best practices book called "Defensive Security Handbook: Best Practices for Securing Infrastructure" through O'Reilly Media. She is a co-host on the Brakeing Down Security podcast and writes for several blogs. On Twitter, she's @InfoSystir.
Comments about oreilly Defensive Security Handbook:
This book is shaping up to be an excellent resource for those who find themselves suddenly wearing an infosec hat. Since only 4 of the 19 chapters are available as of this review, I cannot speak for the entire work but the existing material is quite good - especially the multifactor authentication and app server portions.
I'm excited for it to be published so we can add a couple copies to our engineering library.
Bottom Line Yes, I would recommend this to a friend