Professional Red Teaming: Conducting Successful Cybersecurity Engagements
Jacob G. Oakley
相關主題
商品描述
Use this unique book to leverage technology when conducting offensive security engagements. You will understand practical tradecraft, operational guidelines, and offensive security best practices as carrying out professional cybersecurity engagements is more than exploiting computers, executing scripts, or utilizing tools.
Professional Red Teaming introduces you to foundational offensive security concepts. The importance of assessments and ethical hacking is highlighted, and automated assessment technologies are addressed. The state of modern offensive security is discussed in terms of the unique challenges present in professional red teaming.
Best practices and operational tradecraft are covered so you feel comfortable in the shaping and carrying out of red team engagements. Anecdotes from actual operations and example scenarios illustrate key concepts and cement a practical understanding of the red team process.
You also are introduced to counter advanced persistent threat red teaming (CAPTR teaming). This is a reverse red teaming methodology aimed at specifically addressing the challenges faced from advanced persistent threats (APTs) by the organizations they target and the offensive security professionals trying to mitigate them.
What You’ll Learn
- Understand the challenges faced by offensive security assessments
- Incorporate or conduct red teaming to better mitigate cyber threats
- Initiate a successful engagement
- Get introduced to counter-APT red teaming (CAPTR)
- Evaluate offensive security processes
Who This Book Is For
Offensive security assessors and those who want a working knowledge of the process, its challenges, and its benefits. Current professionals will gain tradecraft and operational insight and non-technical readers will gain a high-level perspective of what it means to provide and be a customer of red team assessments.
商品描述(中文翻譯)
使用這本獨特的書籍,在進行攻擊性安全測試時,可以充分利用技術。你將了解實用的技巧、操作指南和攻擊性安全的最佳實踐,因為專業的網絡安全測試不僅僅是利用電腦、執行腳本或使用工具。
《專業紅隊測試》將介紹你基礎的攻擊性安全概念。強調了評估和道德駭客的重要性,並討論了自動化評估技術。通過專業紅隊測試的獨特挑戰,討論了現代攻擊性安全的狀況。
本書涵蓋了最佳實踐和操作技巧,讓你在塑造和執行紅隊測試中感到自在。實際操作的軼事和示例情境說明了關鍵概念,並鞏固了對紅隊測試過程的實際理解。
你還將了解到反高級持續性威脅紅隊測試(CAPTR紅隊測試)。這是一種反向紅隊測試方法,旨在專門應對組織面臨的高級持續性威脅(APT)以及試圖減輕這些威脅的攻擊性安全專業人員所面臨的挑戰。
你將學到什麼:
- 了解攻擊性安全評估所面臨的挑戰
- 納入或進行紅隊測試以更好地減輕網絡威脅
- 發起一個成功的測試
- 介紹反-APT紅隊測試(CAPTR)
- 評估攻擊性安全流程
適合閱讀對象:
攻擊性安全評估師以及希望瞭解該過程、挑戰和好處的人。現有的專業人員將獲得技巧和操作見解,非技術讀者將獲得對紅隊測試提供和成為客戶的高層次觀點。