وبلاگ بلیان

Identity Attack Vectors: Strategically Designing and Implementing Identity Security, Second Edition

جلد کتاب Identity Attack Vectors: Strategically Designing and Implementing Identity Security, Second Edition

معرفی کتاب «Identity Attack Vectors: Strategically Designing and Implementing Identity Security, Second Edition» نوشتهٔ Dorothy E. Roberts و Morey J. Haber, Darran Rolls، منتشرشده توسط نشر Apress L. P. در سال 2024. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.

Today, it’s easier for threat actors to simply log in versus hack in. As cyberattacks continue to increase in volume and sophistication, it’s not a matter of if, but when, your organization will have an incident. Threat actors target accounts, users, and their associated identities—whether human or machine, to initiate or progress their attack. Detecting and defending against these malicious activities should be the basis of all modern cybersecurity initiatives. This book details the risks associated with poor identity security hygiene, the techniques that external and internal threat actors leverage, and the operational best practices that organizations should adopt to protect against identity theft, account compromises, and to develop an effective identity and access security strategy. As a solution to these challenges, Identity Security has emerged as a cornerstone of modern Identity and Access Management (IAM) initiatives. Managing accounts, credentials, roles, entitlements, certifications, and attestation reporting for all identities is now a security and regulatory compliance requirement. In this book, you will discover how inadequate identity and privileged access controls can be exploited to compromise accounts and credentials within an organization. You will understand the modern identity threat landscape and learn how role-based identity assignments, entitlements, and auditing strategies can be used to mitigate the threats across an organization’s entire Identity Fabric. What You Will Learn Understand the concepts behind an identity and how its associated credentials and accounts can be leveraged as an attack vector Implement an effective identity security strategy to manage identities and accounts based on roles and entitlements, including the most sensitive privileged accounts Know the role that identity security controls play in the cyber kill chain and how privileges should be managed as a potential weak link Build upon industry standards and strategies such as Zero Trust to integrate key identity security technologies into a corporate ecosystem Plan for a successful identity and access security deployment; create an implementation scope and measurable risk reduction; design auditing, discovery, and regulatory reporting; and develop oversight based on real-world strategies to prevent identity attack vectors Who This Book Is For Management and implementers in IT operations, security, and auditing looking to understand and implement an Identity and Access Management (IAM) program and manage privileges in these environments Table of Contents About the Authors About the Technical Reviewer About the Foreword Author Acknowledgments Foreword Chapter 1: Introduction: “The Machine” Chapter 2: Introduction: “The Human” Chapter 3: An Identity Crisis Chapter 4: Identity As a Business Function Chapter 5: Identity Access Defined Authentication Authorization Administration Audit Analytics Chapter 6: Understanding Enterprise Identity Personas Physical Persona Electronic Persona Accounts Password Passcode Passkey Certificate Credentials Users Applications Machines Ownership Automation Types of Accounts Local Accounts Centralized Accounts Functional Accounts Managed Accounts Service Accounts Application Accounts Cloud Accounts Entitlements Simple Entitlement Complex Entitlement Roles Business Roles IT Roles Roles and Least Privilege Summary Chapter 7: Identity and Access Management (IAM) Architectures Risks Best Practices Chapter 8: Privileged Access Management (PAM) Chapter 9: Identity Threat Detection and Response (ITDR) ITDR, EDR, and XDR ITDR and Identity Governance and Administration (IGA) ITDR and IAM Privileged Access Management (PAM) and ITDR Chapter 10: Indicators of Compromise Role-Based IoC Hacking Techniques Identity-Based IoCs Chapter 11: Identity Attack Vectors Methods Tactics Implications Privileges Chapter 12: The Identity Cyber Kill Chain Part I: The Cyber Kill Chain Reconnaissance Infiltration Exploitation Exfiltration Part II: Real-World Identity Attack Part III: Identities Under Attack Part IV: Old School Chapter 13: Six Steps to Identity Security 1. Identity and Asset Management 2. Identity Accountability 3. Remote Access 4. Implement Least Privilege and Application Control 5. Integrate Directory Services 6. Identity Security Chapter 14: Evolving Identity Security Threats DevOps (Development Operations) Synthetic Identities Masquerade Attack Operational Technology, IoT, and Nontraditional Endpoints Robotic Process Automation (RPA) Cyber Insurance Artificial Intelligence Secure Remote Access Biometrics Multifactor Authentication Passwordless Ransomware Chapter 15: Complexity Inherent in the IAM System Separate Products and Isolated Infrastructure Doors and Corners Managed Identity Services Platforms Chapter 16: Identity Technical Debt Chapter 17: Identity Digital Transformations Chapter 18: Just-in-Time Access Management Chapter 19: Zero Trust for Identity Security Zero-Trust Details Defining Zero-Trust Architectures Zero-Trust Architectural Models Least Privilege and Zero Trust Privileged Account Control Remote Access Zero-Trust Least Privilege Directory Bridging Measuring Zero Trust Zero-Trust Design Considerations Chapter 20: Identity Obfuscation Chapter 21: Regulatory Compliance Overview Compliance Example US Regulatory Compliance Global Regulatory Compliance Regulatory Compliance Best Practices The Future of Identity-Based Compliance Chapter 22: Key Takeaways Chapter 23: A Final Thought on Vendors Chapter 24: Conclusion Appendix A Identity Security Sample RFP Questions Business Justification Universal Identity Security Capabilities Privileged Access Management Capabilities Zero-Trust Remote Access Technology Endpoint Least Privilege Identity and Directory Services Bridging Appendix B Department of Defense (DoD) Zero-Trust Framework Index Today, it's easier for threat actors to simply log in versus hack in. As cyberattacks continue to increase in volume and sophistication, it’s not a matter of if, but when, your organization will have an incident. Threat actors target accounts, users, and their associated identities -- whether human or machine, to initiate or progress their attack. Detecting and defending against these malicious activities should be the basis of all modern cybersecurity initiatives. This book details the risks associated with poor identity security hygiene, the techniques that external and internal threat actors leverage, and the operational best practices that organizations should adopt to protect against identity theft, account compromises, and to develop an effective identity and access security strategy. As a solution to these challenges, Identity Security has emerged as a cornerstone of modern Identity and Access Management (IAM) initiatives. Managing accounts, credentials, roles, entitlements, certifications, and attestation reporting for all identities is now a security and regulatory compliance requirement. In this book, you will discover how inadequate identity and privileged access controls can be exploited to compromise accounts and credentials within an organization. You will understand the modern identity threat landscape and learn how role-based identity assignments, entitlements, and auditing strategies can be used to mitigate the threats across an organization’s entire Identity Fabric
دانلود کتاب Identity Attack Vectors: Strategically Designing and Implementing Identity Security, Second Edition