Identity Attack Vectors

Implementing an Effective Identity and Access Management Solution



Bookstore > Books > Identity Attack Vectors

Price$26.19 - $32.99
Rating
AuthorsMorey J. Haber, Darran Rolls
PublisherApress
Published2020
Pages196
LanguageEnglish
FormatPaper book / ebook (PDF)
ISBN-101484251644
ISBN-139781484251645
EBook Hardcover Paperback

Discover how poor identity and privilege management can be leveraged to compromise accounts and credentials within an organization. Learn how role-based identity assignments, entitlements, and auditing strategies can be implemented to mitigate the threats leveraging accounts and identities and how to manage compliance for regulatory initiatives.

As a solution, Identity Access Management (IAM) has emerged as the cornerstone of enterprise security. Managing accounts, credentials, roles, certification, and attestation reporting for all resources is now a security and compliance mandate. When identity theft and poor identity management is leveraged as an attack vector, risk and vulnerabilities increase exponentially. As cyber attacks continue to increase in volume and sophistication, it is not a matter of if, but when, your organization will have an incident. Threat actors target accounts, users, and their associated identities, to conduct their malicious activities through privileged attacks and asset vulnerabilities.

Identity Attack Vectors details the risks associated with poor identity management practices, the techniques that threat actors and insiders leverage, and the operational best practices that organizations should adopt to protect against identity theft and account compromises, and to develop an effective identity governance program.

Understand the concepts behind an identity and how their associated credentials and accounts can be leveraged as an attack vector; Implement an effective Identity Access Management (IAM) program to manage identities and roles, and provide certification for regulatory compliance; See where identity management controls play a part of the cyber kill chain and how privileges should be managed as a potential weak link; Build upon industry standards to integrate key identity management technologies into a corporate ecosystem; Plan for a successful deployment, implementation scope, measurable risk reduction, auditing and discovery, regulatory reporting, and oversight based on real-world strategies to prevent identity attack vectors.


  1. (2 books)



Similar Books


Asset Attack Vectors

Asset Attack Vectors

by Morey J. Haber, Brad Hibbert

Build an effective vulnerability management strategy to protect your organization's assets, applications, and data.Today's network environments are dynamic, requiring multiple defenses to mitigate vulnerabilities and stop data breaches. In the modern enterprise, everything connected to the network is a target. Attack surfaces are rapidly ...

Price:  $22.94  |  Publisher:  Apress  |  Release:  2018

Identity and Data Security for Web Development

Identity and Data Security for Web Development

by Jonathan LeBlanc, Tim Messerschmidt

Developers, designers, engineers, and creators can no longer afford to pass responsibility for identity and data security onto others. Web developers who don't understand how to obscure data in transmission, for instance, can open security flaws on a site without realizing it. With this practical guide, you'll learn how and why everyone w...

Price:  $33.33  |  Publisher:  O'Reilly Media  |  Release:  2016

Secure Your Node.js Web Application

Secure Your Node.js Web Application

by Karl Duuna

Cyber-criminals have your web applications in their crosshairs. They search for and exploit common security mistakes in your web application to steal user data. Learn how you can secure your Node.js applications, database and web server to avoid these security holes. Discover the primary attack vectors against web applications, and implem...

Price:  $10.96  |  Publisher:  The Pragmatic Programmers  |  Release:  2016

Mastering Metasploit

Mastering Metasploit

by Nipun Jaswal

The Metasploit framework has been around for a number of years and is one of the most widely used tools for carrying out penetration testing on various services.This book is a hands-on guide to penetration testing using Metasploit and covers its complete development. It will help you clearly understand the creation process of various expl...

Price:  $16.31  |  Publisher:  Packt Publishing  |  Release:  2014

Hands-On Cybersecurity with Blockchain

Hands-On Cybersecurity with Blockchain

by Rajneesh Gupta

Blockchain technology is being welcomed as one of the most revolutionary and impactful innovations of today. Blockchain technology was first identified in the world's most popular digital currency, Bitcoin, but has now changed the outlook of several organizations and empowered them to use it even for storage and transfer of value.This boo...

Price:  $35.99  |  Publisher:  Packt Publishing  |  Release:  2018

Hacking Exposed Malware & Rootkits, 2nd Edition

Hacking Exposed Malware & Rootkits, 2nd Edition

by Christopher C. Elisan, Michael A. Davis, Sean M. Bodmer, Aaron LeMasters

Thwart debilitating cyber-attacks and dramatically improve your organization's security posture using the proven defense strategies in this thoroughly updated guide. Hacking Exposed Malware and Rootkits: Security Secrets & Solutions, Second Edition fully explains the hacker's latest methods alongside ready-to-deploy countermeasures. D...

Price:  $22.94  |  Publisher:  McGraw-Hill  |  Release:  2016

Exam Ref MS-100 Microsoft 365 Identity and Services

Exam Ref MS-100 Microsoft 365 Identity and Services

by Orin Thomas

Prepare for Microsoft Exam MS-100 - and help demonstrate your real-world mastery of skills and knowledge needed to effectively design, deploy, manage, and secure Microsoft 365 services. Designed for experienced IT professionals, Exam Ref focuses on critical thinking and decision-making acumen needed for success at the Microsoft Certified ...

Price:  $31.99  |  Publisher:  Microsoft Press  |  Release:  2019

Risk Centric Threat Modeling

Risk Centric Threat Modeling

by Tony UcedaVelez, Marco M. Morana

This book introduces the Process for Attack Simulation & Threat Analysis (PASTA) threat modeling methodology. It provides an introduction to various types of application threat modeling and introduces a risk-centric methodology aimed at applying security countermeasures that are commensurate to the possible impact that could be su...

Price:  $91.29  |  Publisher:  Wiley  |  Release:  2015