Identity Attack Vectors: Implementing an Effective Identity and Access Management Solution
Autor Morey J. Haber, Darran Rollsen Limba Engleză Paperback – 19 dec 2019
As a solution, Identity Access Management (IAM) has emerged as the cornerstone of enterprise security. Managing accounts, credentials, roles, certification, and attestation reporting for all resources is now a security and compliance mandate. When identity theft and poor identity management is leveraged as an attack vector, risk and vulnerabilities increase exponentially. As cyber attacks continue to increase in volume and sophistication, it is not a matter of if, but when, your organization will have an incident. Threat actors target accounts, users, and their associated identities, to conduct their malicious activities through privileged attacks and asset vulnerabilities.Identity Attack Vectors details the risks associated with poor identity management practices, the techniques that threat actors and insiders leverage, and the operational best practices that organizations should adopt to protect against identity theft and account compromises, and to develop an effective identity governance program.
What You Will Learn
- Understand the concepts behind an identity and how their associated credentials and accounts can be leveraged as an attack vector
- Implement an effective Identity Access Management (IAM) program to manage identities and roles, and provide certification for regulatory compliance
- See where identity management controls play a part of the cyber kill chain and how privileges should be managed as a potential weak link
- Build upon industry standards to integrate key identity management technologies into a corporate ecosystem
- Plan for a successful deployment, implementation scope, measurable risk reduction, auditing and discovery, regulatory reporting, and oversight based on real-world strategies to prevent identity attack vectors
Who This Book Is For
Management and implementers in IT operations, security, and auditing looking to understand and implement an identity access management program and manage privileges in these environments
| Toate formatele și edițiile | Preț | Express |
|---|---|---|
| Paperback (2) | 207.99 lei 38-45 zile | |
| Apress – 31 mar 2024 | 285.37 lei 3-5 săpt. | |
| Apress – 19 dec 2019 | 207.99 lei 38-45 zile |
Preț: 207.99 lei
Preț vechi: 259.99 lei
-20% Nou
Puncte Express: 312
Preț estimativ în valută:
39.80€ • 41.50$ • 33.08£
39.80€ • 41.50$ • 33.08£
Carte tipărită la comandă
Livrare economică 17-24 martie
Preluare comenzi: 021 569.72.76
Specificații
ISBN-13: 9781484251645
ISBN-10: 1484251644
Pagini: 196
Ilustrații: XXIII, 196 p. 33 illus.
Dimensiuni: 178 x 254 mm
Greutate: 0.45 kg
Ediția:1st ed.
Editura: Apress
Colecția Apress
Locul publicării:Berkeley, CA, United States
ISBN-10: 1484251644
Pagini: 196
Ilustrații: XXIII, 196 p. 33 illus.
Dimensiuni: 178 x 254 mm
Greutate: 0.45 kg
Ediția:1st ed.
Editura: Apress
Colecția Apress
Locul publicării:Berkeley, CA, United States
V-ar putea interesa
-
On the Foundations of ComputingGiuseppe Primiero-27%Preț: 337.41 lei463.55 lei -
Algorithms Are Not EnoughHerbert L. Roitblat-20%Preț: 215.82 lei269.77 lei -
Blockchain Chicken FarmXiaowei WangPreț: 89.18 lei -
Possible Minds: Twenty-Five Ways of Looking at AIJohn Brockman-34%Preț: 75.23 lei113.68 lei -
-20%Preț: 448.83 lei561.05 lei -
The Zynq BookLouise H CrockettPreț: 277.95 lei -
Algorithms Illuminated (Part 2)Tim Roughgarden-20%Preț: 92.70 lei115.88 lei -
Database SystemsRamez Elmasri-20%Preț: 486.43 lei608.04 lei -
-20%Preț: 223.61 lei279.51 lei -
-20%Preț: 374.60 lei468.25 lei -
-20%Preț: 312.68 lei390.85 lei -
When Is a Hack an Attack? a Sovereign State's Options If Attacked in CyberspaceAir Command and Staff College-20%Preț: 79.67 lei99.59 lei -
The Secret World of WikileaksDan Lance-20%Preț: 43.27 lei54.09 lei -
Recommended PracticeU. S. Department of Homeland Security-20%Preț: 95.40 lei119.26 lei -
Enabling Distributed Security in CyberspaceExecutive Office of the President-20%Preț: 79.32 lei99.15 lei -
Cyber Insurance Roundtable Readout ReportDepartment of Homeland Security-20%Preț: 60.75 lei75.94 lei -
Conduite Et Maitrise de L'Audit InformatiqueDidier Hallepee-20%Preț: 251.73 lei314.66 lei -
Conduite Et Maitrise de La Securite InformatiqueDidier Hallepee-20%Preț: 255.64 lei319.56 lei -
Proactive Botnet DetectionDr Thomas S. Hyslip-20%Preț: 41.81 lei52.26 lei -
Remember!V. J. Schultz-20%Preț: 46.45 lei58.07 lei -
Problem Solving with Algorithms and Data Structures Using PythonBradley N. MillerPreț: 369.03 lei -
tmux 2Brian P. Hogan-20%Preț: 93.09 lei116.36 lei -
The Revolutionary PhenotypeJean-François GariépyPreț: 117.92 lei -
AdventureJamie LendinoPreț: 122.60 lei -
Preț: 446.59 lei -
Peeling Design PatternsNarasimha KarumanchiPreț: 301.86 lei
Cuprins
Chapter 1: The Three Pillars of Cybersecurity.- Chapter 2: A Nuance on Lateral Movement .- Chapter 3: The Five A’s of Enterprise IAM.- Chapter 4: Understanding Enterprise Identity.- Chapter 5: BOTS .- Chapter 6: Identity Governance Defined.- Chapter 7: The Identity Governance Process.- Chapter 8: Meeting Regulatory Compliance Mandates.- Chapter 9: Indicators of Compromise.- Chapter 10: Identity Attack Vectors.- Chapter 11: Identity Management Controls in the Cyber Kill Chain .- Chapter 12: Identity Management Program Planning .- Chapter 13: Privileged Access Management.- Chapter 14: Just-In-Time Access Management.- Chapter 15: Identity Obfuscation.- Chapter 16: System for Cross-domain Identity Management (SCIM).- Chapter 17: Remote Access.- Chapter 18: Identity-Based Threat Response.- Chapter 19: Biometric Risks Related to Identities.- Chapter 20: Blockchain and Identity Management.- Chapter 21: Conclusion.
Notă biografică
Morey J. Haber is Chief Technology Officer at BeyondTrust. He has more than 20 years of IT industry experience, and has authored two Apress books: Privileged Attack Vectors and Asset Attack Vectors. He joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. He currently oversees BeyondTrust technology management solutions for vulnerability, and privileged and remote access. In 2004, he joined eEye as Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.
Darran Rolls is CISO and Chief Technology Officer at SailPoint, where he is responsible for directing the company’s technology strategy and security operations. He has a long history in identity management and security at companies such as Tivoli Systems, IBM, Waveset Technologies, and Sun Microsystems. He has helped design, build, and deliver innovative, ground-breaking technology solutions that have defined and shaped the identity and access management (IAM) industry. He frequently speaks at industry events and to customers about IAM and next-generation enterprise security solutions.
Darran Rolls is CISO and Chief Technology Officer at SailPoint, where he is responsible for directing the company’s technology strategy and security operations. He has a long history in identity management and security at companies such as Tivoli Systems, IBM, Waveset Technologies, and Sun Microsystems. He has helped design, build, and deliver innovative, ground-breaking technology solutions that have defined and shaped the identity and access management (IAM) industry. He frequently speaks at industry events and to customers about IAM and next-generation enterprise security solutions.
Textul de pe ultima copertă
Discover how poor identity and privilege management can be leveraged to compromise accounts and credentials within an organization. Learn how role-based identity assignments, entitlements, and auditing strategies can be implemented to mitigate the threats leveraging accounts and identities and how to manage compliance for regulatory initiatives.
As a solution, Identity Access Management (IAM) has emerged as the cornerstone of enterprise security. Managing accounts, credentials, roles, certification, and attestation reporting for all resources is now a security and compliance mandate. When identity theft and poor identity management is leveraged as an attack vector, risk and vulnerabilities increase exponentially. As cyber attacks continue to increase in volume and sophistication, it is not a matter of if, but when, your organization will have an incident. Threat actors target accounts, users, and their associated identities, to conduct their malicious activities through privileged attacks and asset vulnerabilities.
Identity Attack Vectors details the risks associated with poor identity management practices, the techniques that threat actors and insiders leverage, and the operational best practices that organizations should adopt to protect against identity theft and account compromises, and to develop an effective identity governance program.
You will:
As a solution, Identity Access Management (IAM) has emerged as the cornerstone of enterprise security. Managing accounts, credentials, roles, certification, and attestation reporting for all resources is now a security and compliance mandate. When identity theft and poor identity management is leveraged as an attack vector, risk and vulnerabilities increase exponentially. As cyber attacks continue to increase in volume and sophistication, it is not a matter of if, but when, your organization will have an incident. Threat actors target accounts, users, and their associated identities, to conduct their malicious activities through privileged attacks and asset vulnerabilities.
Identity Attack Vectors details the risks associated with poor identity management practices, the techniques that threat actors and insiders leverage, and the operational best practices that organizations should adopt to protect against identity theft and account compromises, and to develop an effective identity governance program.
You will:
- Understand the concepts behind an identity and how their associated credentials and accounts can be leveraged as an attack vector
- Implement an effective Identity Access Management (IAM) program to manage identities and roles, and provide certification for regulatory compliance
- See where identity management controls play a part of the cyber kill chain and how privileges should be managed as a potential weak link
- Build upon industry standards to integrate key identity management technologies into a corporate ecosystem
- Plan for a successful deployment, implementation scope, measurable risk reduction, auditing and discovery, regulatory reporting, and oversight based on real-world strategies to prevent identity attack vectors
Caracteristici
Details how best to balance between operational efficiency, security, and compliance when deploying a comprehensive identity management strategy Explores a methodology for deploying a success identity access management program within an organization and managing the critical identities associated with privileged access Provides a foundation for the importance of identity access management and the attack vectors used for corporate identity theft