Full Product Details

Author: David Routin, Simon Thoores, Samuel Rossier
Publisher: Packt Publishing Limited
Imprint: Packt Publishing Limited
ISBN: 9781801074292
ISBN 10: 1801074291
Pages: 450
Publication Date: 24 June 2022
Audience: General/trade, General
Format: Paperback
Publisher's Status: Active
Availability: Available To Order

Table of Contents

Contextualizing Threats and Today's Challenges
Purple Teaming – a Generic Approach and a New Model
Carrying Out Adversary Emulation with CTI
Threat Management – Detecting, Hunting, and Preventing
Red Team Infrastructure
Blue Team – Collect
Blue Team – Detect
Blue Team – Correlate
Purple Team Infrastructure
Purple Teaming the ATT&CK Tactics
Purple Teaming with BAS and Adversary Emulation
PTX – Purple Teaming eXtended
PTX – Automation and DevOps Approach
Exercise Wrap-Up and KPIs

Author Information

David Routin started learning cybersecurity as a teenager in the 90s, and has continued that passion through contributions and projects such as the MITRE ATT&CK framework, SIGMA, vulnerability disclosures (Microsoft), public speaking and multiple publications, from the French MISC magazine to this book. As a professional, he has held positions ranging from security engineer to CISO. For the last ten years, in Security Operations Center Manager roles, he has built and operated multiple SOCs for MSSPs and private companies. His areas of expertise are SOC, Blue and Purple teaming, incident response, forensics (SANS GCIH/GCFA), detection engineering, management and compliance (ISO 27001, PCI).

Simon Thoores is a cybersecurity analyst specializing in forensics and incident response. He started his career as a security analyst after obtaining an engineering diploma in information system architecture with a focus on security. He built his forensics and reverse engineering skills during large-scale incident responses, from malware and ransomware attacks to more advanced attacks, across a wide variety of environments, and certified these skills with the GCFA. He then moved to the cyber threat intelligence field to better understand attacker methodologies in order to align and strengthen response and support for his clients. Lately he has put his skills and knowledge into emulating threat actors to help customers improve their security.

Samuel Rossier is currently SOC lead within a government entity, where he focuses on detection engineering, incident response, automation, and cyber threat intelligence. He is also a teaching assistant at the SANS Institute. He was previously responsible for a private bank group's CIRT, and also worked as a SOC manager within an MSSP. He also spent several years within a consulting cybersecurity practice. Samuel currently holds a master's degree in information systems and several information security certifications, including GRID, GMON, eCIR, eCTHP, eCRE, eNDP, and eJPT. He is also a contributor to the MITRE D3FEND and SIGMA frameworks and likes to speak at conferences and analyze malware. He places a strong emphasis on the people dimension of cybersecurity by sharing knowledge.