finelybook
Asset Attack Vectors: Building Effective Vulnerability Management Strategies to Protect Organizations
by 作者: Morey J. Haber - Brad Hibbert
ISBN-10 书号: 1484236262
ISBN-13 书号: 9781484236260
Edition 版本: 1st ed.
Released: 2018-07-20
Pages: 371
Build an effective vulnerability management strategy to protect your organization’s assets,applications,and data.
Today’s network environments are dynamic,requiring multiple defenses to mitigate vulnerabilities and stop data breaches. In the modern enterprise,everything connected to the network is a target. Attack surfaces are rapidly expanding to include not only traditional servers and desktops,but also routers,printers,cameras,and other IOT devices. It doesn’t matter whether an organization uses LAN,WAN,wireless,or even a modern PAN—savvy criminals have more potential entry points than ever before. To stay ahead of these threats,IT and security leaders must be aware of exposures and understand their potential impact.
Asset Attack Vectors will help you build a vulnerability management program designed to work in the modern threat environment. Drawing on years of combined experience,the authors detail the latest techniques for threat analysis,risk measurement,and regulatory reporting. They also outline practical service level agreements (SLAs) for vulnerability management and patch management.
Vulnerability management needs to be more than a compliance check box; it should be the foundation of your organization’s cybersecurity strategy. Read Asset Attack Vectors to get ahead of threats and protect your organization with an effective asset protection strategy.
What You’ll Learn
Create comprehensive assessment and risk identification policies and procedures
Implement a complete vulnerability management workflow in nine easy steps
Understand the implications of active,dormant,and carrier vulnerability states
Develop,deploy,and maintain custom and commercial vulnerability management programs
Discover the best strategies for vulnerability remediation,mitigation,and removal
Automate credentialed scans that leverage least-privilege access principles
Read real-world case studies that share successful strategies and reveal potential pitfalls
Who this book is for
New and intermediate security management professionals,auditors,and information technology staff looking to build an effective vulnerability management program and defend against asset based cyberattacks
Introduction
Chapter 1: The Attack Chain
Chapter 2: The Vulnerability Landscape
Chapter 3: Threat Intelligence
Chapter 4: Credential Asset Risks
Chapter 5: Vulnerability Assessment
Chapter 6: Configuration Assessment
Chapter 7: Risk Measurement
Chapter 8: Vulnerability States
Chapter 9: Vulnerability Authorities
Chapter 10: Penetration Testing
Chapter 11: Remediation
Chapter 12: The Vulnerability Management Program
Chapter 13: Vulnerability Management Design
Chapter 14: Vulnerability Management Development
Chapter 15: Vulnerability Management Deployment
Chapter 16: Vulnerability Management Operations
Chapter 17: Vulnerability Management Architecture
Chapter 18: Sample Vulnerability Plan
Chapter 19: Regulatory Compliance
Chapter 20: Risk Management Frameworks
Chapter 21: Making It All Work
Chapter 22: Tales from the Trenches
Chapter 23: Final Recommendations
Chapter 24: Conclusion
Appendix A: Sample Request for Proposal(RFP)
Appendix B: Request for Proposal Spreadsheet
