Nicht aus der Schweiz? Besuchen Sie lehmanns.de
Cloud Attack Vectors - Morey J. Haber, Brian Chappell, Christopher Hills

Cloud Attack Vectors (eBook)

Building Effective Cyber-Defense Strategies to Protect Cloud Resources
eBook Download: PDF
2022 | 1st ed.
XXXI, 473 Seiten
Apress (Verlag)
978-1-4842-8236-6 (ISBN)
Systemvoraussetzungen
62,99 inkl. MwSt
(CHF 61,50)
Der eBook-Verkauf erfolgt durch die Lehmanns Media GmbH (Berlin) zum Preis in Euro inkl. MwSt.
  • Download sofort lieferbar
  • Zahlungsarten anzeigen

Cyberattacks continue to increase in volume and sophistication, targeting everything owned, managed, and serviced from the cloud. Today, there is widespread consensus-it is not a matter of if, but rather when an organization will be breached. Threat actors typically target the path of least resistance. With the accelerating adoption of cloud technologies and remote work, the path of least resistance is shifting in substantive ways. In recent years, attackers have realigned their efforts, focusing on remaining undetected, monetization after exploitation, and publicly shaming organizations after a breach.

New, innovative, and useful products continue to emerge and offer some cloud protection, but they also have distinct limitations. No single, standalone solution or strategy can effectively protect against all cloud attack vectors or identify all malicious activity. The simple fact is that the cloud is based on a company's assets being offered as services. As a result, the best security any organization can achieve is to establish controls and procedures in conjunction with services that are licensed in the cloud.

Cloud Attack Vectors details the risks associated with cloud deployments, the techniques threat actors leverage, the empirically-tested defensive measures organizations should adopt, and shows how to improve detection of malicious activity.

What You'll Learn

  • Know the key definitions pertaining to cloud technologies, threats, and cybersecurity solutions
  • Understand how entitlements, permissions, rights, identities, accounts, credentials, and exploits can be leveraged to breach a cloud environment
  • Implement defensive and monitoring strategies to mitigate cloud threats, including those unique to cloud and hybrid cloud environments
  • Develop a comprehensive model for documenting risk, compliance, and reporting based on your cloud implementation

 Who This Book Is For

New security professionals, entry-level cloud security engineers, managers embarking on digital transformation, and auditors looking to understand security and compliance risks associated with the cloud

Morey J. Haber is Chief Technology Officer at BeyondTrust. He has more than 20 years of IT industry experience and is author of the book Privileged Attack Vectors and Asset Attack Vectors. Morey joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. He currently oversees BeyondTrust technology for vulnerability, privileged, and remote access management solutions. In 2004, Morey joined eEye as the Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was a Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. Morey began his career as a Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelors of Science in Electrical Engineering from the State University of New York at Stony Brook.

Brian Chappell is Chief Security Strategist for Beyond Trust, EMEA & APAC, and is a multi-skilled individual with a passion for delivering best practice solutions that help customers run their businesses more effectively and securely. His specialties include: cybersecurity solutions, IT strategy and implementation, project management, global IT operations management, sales engineering, software development, and enterprise and solutions architecture.

Christopher Hills is a Security Strategist focused on Privileged Access Management (PAM) and Identity and Access Management (IAM). He is Security Strategist for BeyondTrust's Privileged Access Management Solutions, enforcing Privileged Password Management and Privileged Session Management, Privileged Endpoint Management, and Secure Remote Access which utilizes a single pane of glass for all management aspects, including Automated Account Discovery, Privileged Management and Elevation, Audit and Compliance, and Behavior & Reporting. His responsibilities include: IAM/PAM focus, strategy, mentoring, leadership, customer and prospect liaison, thought leadership, background reference, business development, customer-facing GRC, and working closely with global sales and marketing organizations to help support GTM efforts while assisting with critical sales opportunities and key marketing events.


Cyberattacks continue to increase in volume and sophistication, targeting everything owned, managed, and serviced from the cloud. Today, there is widespread consensus-it is not a matter of if, but rather when an organization will be breached. Threat actors typically target the path of least resistance. With the accelerating adoption of cloud technologies and remote work, the path of least resistance is shifting in substantive ways. In recent years, attackers have realigned their efforts, focusing on remaining undetected, monetization after exploitation, and publicly shaming organizations after a breach.New, innovative, and useful products continue to emerge and offer some cloud protection, but they also have distinct limitations. No single, standalone solution or strategy can effectively protect against all cloud attack vectors or identify all malicious activity. The simple fact is that the cloud is based on a company's assets being offered as services. As a result, the best security any organization can achieve is to establish controls and procedures in conjunction with services that are licensed in the cloud.Cloud Attack Vectors details the risks associated with cloud deployments, the techniques threat actors leverage, the empirically-tested defensive measures organizations should adopt, and shows how to improve detection of malicious activity.What You'll LearnKnow the key definitions pertaining to cloud technologies, threats, and cybersecurity solutionsUnderstand how entitlements, permissions, rights, identities, accounts, credentials, and exploits can be leveraged to breach a cloud environmentImplement defensive and monitoring strategies to mitigate cloud threats, including those unique to cloud and hybrid cloud environmentsDevelop a comprehensive model for documenting risk, compliance, and reporting based on your cloud implementation Who This Book Is ForNew security professionals, entry-level cloud security engineers, managers embarking on digital transformation, and auditors looking to understand security and compliance risks associated with the cloud
Erscheint lt. Verlag 21.7.2022
Zusatzinfo XXXI, 473 p. 49 illus.
Sprache englisch
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Schlagworte Alibaba • Amazon Web Services • API • authentication • Cloud • Cloud attack vectors • cybersecurity • entitlements • Google Cloud Platform • Identities • Microsoft Azure • Oracle Cloud • Phishing • Remote Access • security • Vulnerabilities
ISBN-10 1-4842-8236-1 / 1484282361
ISBN-13 978-1-4842-8236-6 / 9781484282366
Haben Sie eine Frage zum Produkt?
PDFPDF (Wasserzeichen)
Größe: 11,0 MB

DRM: Digitales Wasserzeichen
Dieses eBook enthält ein digitales Wasser­zeichen und ist damit für Sie persona­lisiert. Bei einer missbräuch­lichen Weiter­gabe des eBooks an Dritte ist eine Rück­ver­folgung an die Quelle möglich.

Dateiformat: PDF (Portable Document Format)
Mit einem festen Seiten­layout eignet sich die PDF besonders für Fach­bücher mit Spalten, Tabellen und Abbild­ungen. Eine PDF kann auf fast allen Geräten ange­zeigt werden, ist aber für kleine Displays (Smart­phone, eReader) nur einge­schränkt geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen dafür einen PDF-Viewer - z.B. den Adobe Reader oder Adobe Digital Editions.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen dafür einen PDF-Viewer - z.B. die kostenlose Adobe Digital Editions-App.

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.

Mehr entdecken
aus dem Bereich
Das Praxishandbuch zu Krisenmanagement und Krisenkommunikation

von Holger Kaschner

eBook Download (2024)
Springer Fachmedien Wiesbaden (Verlag)
CHF 34,15
Methodische Kombination von IT-Strategie und IT-Reifegradmodell

von Markus Mangiapane; Roman P. Büchler

eBook Download (2024)
Springer Vieweg (Verlag)
CHF 41,95