Agile Security Operations
Packt Publishing Limited (Verlag)
978-1-80181-551-2 (ISBN)
Get to grips with security operations through incident response, the ATT&CK framework, active defense, and agile threat intelligence
Key Features
Explore robust and predictable security operations based on measurable service performance
Learn how to improve the security posture and work on security audits
Discover ways to integrate agile security operations into development and operations
Book DescriptionAgile security operations allow organizations to survive cybersecurity incidents, deliver key insights into the security posture of an organization, and operate security as an integral part of development and operations. It is, deep down, how security has always operated at its best.
Agile Security Operations will teach you how to implement and operate an agile security operations model in your organization. The book focuses on the culture, staffing, technology, strategy, and tactical aspects of security operations. You'll learn how to establish and build a team and transform your existing team into one that can execute agile security operations. As you progress through the chapters, you'll be able to improve your understanding of some of the key concepts of security, align operations with the rest of the business, streamline your operations, learn how to report to senior levels in the organization, and acquire funding.
By the end of this Agile book, you'll be ready to start implementing agile security operations, using the book as a handy reference.
What you will learn
Get acquainted with the changing landscape of security operations
Understand how to sense an attacker's motives and capabilities
Grasp key concepts of the kill chain, the ATT&CK framework, and the Cynefin framework
Get to grips with designing and developing a defensible security architecture
Explore detection and response engineering
Overcome challenges in measuring the security posture
Derive and communicate business values through security operations
Discover ways to implement security as part of development and business operations
Who this book is forThis book is for new and established CSOC managers as well as CISO, CDO, and CIO-level decision-makers. If you work as a cybersecurity engineer or analyst, you'll find this book useful. Intermediate-level knowledge of incident response, cybersecurity, and threat intelligence is necessary to get started with the book.
Hinne Hettema is a practitioner in cybersecurity operations, focusing especially on enabling security capabilities through detection engineering, security monitoring, threat intelligence, incident response, operational technology, and malware research. He works in New Zealand in security operations and the establishment of cybersecurity defensive capabilities in various organizations. He is an adjunct senior fellow at the University of Queensland, researching cybersecurity operations, the security of operational technology, and the philosophy of cybersecurity. He studied theoretical chemistry and philosophy.
Table of Contents
How Security Operations Are Changing
Incident Response - A Key Capability in Security Operations
Engineering for Incident Response
Key Concepts in Cyber Defense
Defensible Architecture
Active Defense
How Secure are You? - Measuring Security Posture
Red, Blue and Purple Teaming
Running and Operating Security Services
Implementing Agile Threat Intelligence
| Erscheinungsdatum | 18.02.2022 |
|---|---|
| Verlagsort | Birmingham |
| Sprache | englisch |
| Maße | 75 x 93 mm |
| Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
| ISBN-10 | 1-80181-551-8 / 1801815518 |
| ISBN-13 | 978-1-80181-551-2 / 9781801815512 |
| Zustand | Neuware |
| Haben Sie eine Frage zum Produkt? |
aus dem Bereich
