Modern Vulnerability Management: Predictive Cybersecurity (Computer Security)
معرفی کتاب «Modern Vulnerability Management: Predictive Cybersecurity (Computer Security)» نوشتهٔ Michael Roytman و Ed Bellis، منتشرشده توسط نشر Artech House Publishers در سال 2023. این کتاب در 238 صفحه، فرمت pdf، زبان انگلیسی ارائه شده است.
This book comprehensively covers the principles of Risk-based vulnerability management (RBVM) one of the most challenging tasks in cybersecurity -- from the foundational mathematical models to building your own decision engine to identify, mitigate, and eventually forecast the vulnerabilities that pose the greatest threat to your organization.You will how to structure data pipelines in security and derive and measure value from them; where to procure open-source data to better your organizations pipeline and how to structure it; how to build a predictive model using vulnerability data; how to measure the return on investment a model in security can yield; which organizational structures and policies work best, and how to use data science to detect when they are not working in security; and ways to manage organizational change around data science implementation. Youll also be shown real-world examples of how to mature an RBVM program and will understand how to prioritize remediation efforts based on which vulnerabilities pose the greatest risk to your organization.The book presents a fresh approach, rooted in risk management, and taking advantage of rich data and machine learning, helping you focus more on what matters and ultimately make your organization more secure with a system commensurate to the scale of the threat. This is a timely and much-needed book for security managers and practitioners who need to evaluate their organizations and plan future projects and change. Students of cybersecurity will also find this a valuable introduction on how to use their skills in the enterprise workplace to drive change. Contents Foreword Acknowledgments 1 THE STATE OF THE VULNERABILITY LANDSCAPE 1.1 THE SECURITY CANON: FUNDAMENTAL CYBERSECURITYTERMINOLOGY 1.2 SECURITY METRICS: THE NEW GUARD 2 DATA SCIENCE TO DEFINE RISK 2.1 RISK MANAGEMENT HISTORY AND CHALLENGES 3 DECISION SUPPORT: TAPPING MATHEMATICALMODELS AND MACHINE LEARNING 3.1 MATHEMATICAL MODELING 3.2 MACHINE LEARNING FOR CYBERSECURITY 4 HOW TO BUILD A DECISION ENGINE TOFORECAST RISK 4.1 THE DATA 4.2 BUILDING A LOGISTIC REGRESSION MODEL 4.3 DESIGNING A NEURAL NETWORK 5 MEASURING PERFORMANCE 5.1 RISK VS PERFORMANCE 5.2 WHAT MAKES A METRIC “GOOD”? 5.3 REMEDIATION METRICS 5.4 WHY DOES PERFORMANCE MATTER? 5.5 MEASURING WHAT MATTERS 6 BUILDING A SYSTEM FOR SCALE 6.1 CONSIDERATIONS BEFORE YOU BUILD 6.2 ON PREMISE VS CLOUD 6.3 PROCESSING CONSIDERATIONS 6.4 DATABASE ARCHITECTURE 6.5 SEARCH CAPABILITIES 6.6 ROLE-BASED ACCESS CONTROLS 7 ALIGNING INTERNAL PROCESS AND TEAMS 7.1 THE SHIFT TO A RISK-BASED APPROACH 7.2 DRIVING DOWN RISK 7.3 SLA ADHERENCE 7.4 SHIFTING FROM SECURITY-CENTRIC TO IT SELF-SERVICE 7.5 STEADY-STATE WORKFLOW 7.6 THE IMPORTANCE OF PROCESS AND TEAMS 8 REAL-WORLD EXAMPLES 8.1 A WORD FROM THE REAL WORLD1 9 THE FUTURE OF MODERN VM 9.1 STEPS TOWARD A PREDICTIVE RESPONSE TO RISK 9.2 FORECASTING VULNERABILITY EXPLOITATION WITH THE EXPLOITPREDICTION SCORING SYSTEM 9.3 SUPPORT FROM INTELLIGENT AWARENESS 9.4 THE RISE OF XDR 9.5 THE OTHER SIDE OF THE COIN: REMEDIATION 9.6 THE WICKED PROBLEM OF SECURITY ADVANCES GLOSSARY ABOUT THE AUTHORS INDEX
دانلود کتاب Modern Vulnerability Management: Predictive Cybersecurity (Computer Security)