The Ethical Hacking & Cyber Defense Bundle by Packt

Explore the evolving field of cybersecurity leadership and gain real-world insights from top security leaders on strategy, communication, and resilience to excel as a CISO in today's digital landscape. Free with your book: DRM-free PDF version + access to Packt's next-gen Reader* Key Features Gain practical perspectives from global CISOs on cyber transformation, risk management, and career growth Explore AI threats, building resilient teams, cyber strategy, communication skills, and breach recovery Equip yourself to lead effectively while adapting to evolving cyber challenges Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionAs cyber threats become more complex, effective cybersecurity leadership calls for more than technical expertise; it requires strategic thinking, resilient leadership, and deft communication skills. A Day in the Life of a CISO brings together candid insights from some of the world’s most accomplished CISOs and cybersecurity executives. With invaluable guidance on managing emerging threats, balancing risk and business needs, leading through crisis, and building elite security teams, this book is a practical, real-world guide for professionals looking to elevate their cybersecurity careers or transition into leadership roles. You’ll benefit from the collective wisdom and hard-earned experiences of 29 contributors representing leading organizations worldwide, and learn how to craft cyber strategies, manage vulnerabilities, lead transformations, and develop long-lasting careers in cybersecurity. Whether you are an aspiring CISO, a current security leader, or a business executive seeking a deeper understanding of cybersecurity leadership, this book offers you the knowledge and inspiration to thrive in an increasingly challenging digital world. *Email sign-up and proof of purchase required What you will learn Adapt security strategies to manage emerging threats, including AI-driven risks Build and execute cyber strategies while balancing business needs and budget constraints Discover effective leadership and communication techniques critical for CISOs Implement talent development strategies for building a resilient cybersecurity team Learn from real-world incidents, including how to recover after breaches Explore career development pathways for cybersecurity professionals, including alternative and non-traditional paths to CISO roles Who this book is for This book is for aspiring cybersecurity leaders and managers, as well as current CISOs seeking to sharpen their leadership and strategic skills. IT and risk management professionals transitioning into cybersecurity leadership roles and business executives and board members interested in cybersecurity governance will also find this book useful.

“The book not only explains how adversarial attacks work but also shows you how to build your own test environment and run attacks to see how they can corrupt ML models. It's a comprehensive guide that walks you through the technical details and then flips to show you how to defend against these very same attacks.” – Elaine Doyle, VP and Cybersecurity Architect, Salesforce Free with your book: DRM-free PDF version + access to Packt's next-gen Reader* Key Features Understand the unique security challenges presented by predictive and generative AI Explore common adversarial attack strategies as well as emerging threats such as prompt injection Mitigate the risks of attack on your AI system with threat modeling and secure-by-design methods Book DescriptionAdversarial attacks trick AI systems with malicious data, creating new security risks by exploiting how AI learns. This challenges cybersecurity as it forces us to defend against a whole new kind of threat. This book demystifies adversarial attacks and equips you with the skills to secure AI technologies. Learn how to defend AI and LLM systems against manipulation and intrusion through adversarial attacks such as poisoning, trojan horses, and model extraction, leveraging DevSecOps, MLOps, and other methods to secure systems. This is a comprehensive guide to AI security, combining structured frameworks with practical examples to help you identify and counter adversarial attacks. Part 1 introduces the foundations of AI and adversarial attacks. Parts 2, 3, and 4 cover key attack types, showing how each is performed and how to defend against them. Part 5 presents secure-by-design AI strategies, including threat modeling, MLSecOps, and guidance aligned with OWASP and NIST. The book concludes with a blueprint for maturing enterprise AI security based on NIST pillars, addressing ethics and safety under Trustworthy AI. By the end of this book, you’ll be able to develop, deploy, and secure AI systems against the threat of adversarial attacks effectively. *Email sign-up and proof of purchase required What you will learn Set up a playground to explore how adversarial attacks work Discover how AI models can be poisoned and what you can do to prevent this Learn about the use of trojan horses to tamper with and reprogram models Understand supply chain risks Examine how your models or data can be stolen in privacy attacks See how GANs are weaponized for Deepfake creation and cyberattacks Explore emerging LLM-specific attacks, such as prompt injection Leverage DevSecOps, MLOps and MLSecOps to secure your AI system Who this book is for This book tackles AI security from both angles - offense and defence. AI developers and engineers will learn how to create secure systems, while cybersecurity professionals, such as security architects, analysts, engineers, ethical hackers, penetration testers, and incident responders will discover methods to combat threats to AI and mitigate the risks posed by attackers. The book also provides a secure-by-design approach for leaders to build AI with security in mind. To get the most out of this book, you’ll need a basic understanding of security, ML concepts, and Python.

Gain practical information systems auditing expertise to pass the latest CISA exam on your first attempt and advance your career Purchase of the book unlocks access to web-based exam prep resources, including over 1000 practice test questions, flashcards, exam tips, and a free eBook PDF Key Features Learn from a qualified CISA and bestselling instructor, Hemang Doshi Aligned with the latest CISA exam objectives from the 28th edition of the Official Review Manual Assess your exam readiness with over 1000 targeted practice test questions Book Description Following on from the success of its bestselling predecessor, this third edition of the CISA - Certified Information Systems Auditor Study Guide serves as your go-to resource for acing the CISA exam. Written by renowned CISA expert Hemang Doshi, this guide equips you with practical skills and in-depth knowledge to excel in information systems auditing, setting the foundation for a thriving career. Fully updated to align with the 28th edition of the CISA Official Review Manual, this guide covers the latest exam objectives and provides a deep dive into essential IT auditing areas, including IT governance, systems development, and asset protection. The book follows a structured, three-step approach to solidify your understanding. First, it breaks down the fundamentals with clear, concise explanations. Then, it highlights critical exam-focused points to ensure you concentrate on key areas. Finally, it challenges you with self-assessment questions that reflect the exam format, helping you assess your knowledge. Additionally, you’ll gain access to online resources, including mock exams, interactive flashcards, and invaluable exam tips, ensuring you’re fully prepared for the exam with unlimited practice opportunities. By the end of this guide, you’ll be ready to pass the CISA exam with confidence and advance your career in auditing. What you will learn Conduct audits that adhere to globally accepted standards and frameworks Identify and propose IT processes and control enhancements Use data analytics tools to optimize audit effectiveness Evaluate the efficiency of IT governance and management Examine and implement various IT frameworks and standard Manage effective audit reporting and communication Assess evidence collection methods and forensic techniques Who this book is for This CISA study guide is for anyone with a non-technical background aspiring to achieve the CISA certification. It caters to those currently working in or seeking employment in IT audit and security management roles.

A comprehensive reference guide to securing the basic building blocks of cloud services, with actual examples for leveraging Azure, AWS, and GCP built-in services and capabilities Key Features: Discover practical techniques for implementing cloud security Learn how to secure your data and core cloud infrastructure to suit your business needs Implement encryption, detect cloud threats and misconfiguration, and achieve compliance in the cloud Book Description: Securing resources in the cloud is challenging, given that each provider has different mechanisms and processes. Cloud Security Handbook helps you to understand how to embed security best practices in each of the infrastructure building blocks that exist in public clouds. This book will enable information security and cloud engineers to recognize the risks involved in public cloud and find out how to implement security controls as they design, build, and maintain environments in the cloud. You'll begin by learning about the shared responsibility model, cloud service models, and cloud deployment models, before getting to grips with the fundamentals of compute, storage, networking, identity management, encryption, and more. Next, you'll explore common threats and discover how to stay in compliance in cloud environments. As you make progress, you'll implement security in small-scale cloud environments through to production-ready large-scale environments, including hybrid clouds and multi-cloud environments. This book not only focuses on cloud services in general, but it also provides actual examples for using AWS, Azure, and GCP built-in services and capabilities. By the end of this cloud security book, you'll have gained a solid understanding of how to implement security in cloud environments effectively. What You Will Learn: Secure compute, storage, and networking services in the cloud Get to grips with identity management in the cloud Audit and monitor cloud services from a security point of view Identify common threats and implement encryption solutions in cloud services Maintain security and compliance in the cloud Implement security in hybrid and multi-cloud environments Design and maintain security in a large-scale cloud environment Who this book is for: This book is for IT or information security personnel taking their first steps in the public cloud or migrating existing environments to the cloud. Cloud engineers, cloud architects, or cloud security professionals maintaining production environments in the cloud will also benefit from this book. Prior experience of deploying virtual machines, using storage services, and networking will help you to get the most out of this book.

Discover the ins and outs of cybersecurity architecture with this handbook, designed to enhance your expertise in implementing and maintaining robust security structures for the ever-evolving digital landscape Key Features Gain insights into the cybersecurity architect role and master key skills to excel in it Acquire a diverse skill set for becoming a cybersecurity architect through up-to-date, practical examples Discover valuable tips and best practices to launch your career in cybersecurity Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionStepping into the role of a Cybersecurity Architect (CSA) is no mean feat, as it requires both upskilling and a fundamental shift in the way you view cybersecurity altogether. Cybersecurity Architect’s Handbook is an all-encompassing guide, introducing the essential skills for aspiring CSAs, outlining a path for cybersecurity engineers and newcomers to evolve into architects, and sharing best practices to enhance the skills of existing CSAs. Following a brief introduction to the role and foundational concepts, this book will help you understand the day-to-day challenges faced by CSAs, supported by practical examples. You'll gain insights into assessing and improving your organization’s security posture, concerning system, hardware, and software security. You'll also get to grips with setting user and system policies and protocols through effective monitoring and enforcement, along with understanding countermeasures that protect the system from unauthorized access attempts. To prepare you for the road ahead and augment your existing skills, the book provides invaluable tips and practices that will contribute to your success as a CSA. By the end of this book, you’ll be well-equipped to take up the CSA role and execute robust security solutions.What you will learn Get to grips with the foundational concepts and basics of cybersecurity Understand cybersecurity architecture principles through scenario-based examples Navigate the certification landscape and understand key considerations for getting certified Implement zero-trust authentication with practical examples and best practices Find out how to choose commercial and open source tools Address architecture challenges, focusing on mitigating threats and organizational governance Who this book is for This book is for cybersecurity professionals looking to transition into a cybersecurity architect role. Solution architects interested in understanding the scope of the role and the necessary skills for success will also find this book useful.

Understand the cyber kill chain framework and discover essential tactics and strategies to effectively prevent cyberattacks Free with your book: DRM-free PDF version + access to Packt's next-gen Reader* Key Features Explore each stage of the cyberattack process using the cyber kill chain and track threat actor movements Learn key components of threat intelligence and how they enhance the cyber kill chain Apply practical examples and case studies for effective, real-time responses to cyber threats Book DescriptionGain a strategic edge in cybersecurity by mastering the systematic approach to identifying and responding to cyber threats through a detailed exploration of the cyber kill chain framework. This guide walks you through each stage of the attack, from reconnaissance and weaponization to exploitation, command and control (C2), and actions on objectives. Written by cybersecurity leaders Gourav Nagar, Director of Information Security at BILL Holdings, with prior experience at Uber and Apple, and Shreyas Kumar, Professor of Practice at Texas A&M, and former expert at Adobe and Oracle, this book helps enhance your cybersecurity posture. You’ll gain insight into the role of threat intelligence in boosting the cyber kill chain, explore the practical applications of the framework in real-world scenarios, and see how AI and machine learning are revolutionizing threat detection. You’ll also learn future-proofing strategies and get ready to counter sophisticated threats like supply chain attacks and living-off-the-land attacks, and the implications of quantum computing on cybersecurity. By the end of this book, you’ll have gained the strategic understanding and skills needed to protect your organization's digital infrastructure in the ever-evolving landscape of cybersecurity. *Email sign-up and proof of purchase required.What you will learn Discover methods, tools, and best practices to counteract attackers at every stage Leverage the latest defensive measures to thwart command-and-control activities Understand weaponization and delivery techniques to improve threat recognition Implement strategies to prevent unauthorized installations and strengthen security Enhance threat prediction, detection, and automated response with AI and ML Convert threat intelligence into actionable strategies for enhancing cybersecurity defenses Who this book is for This book is for cybersecurity professionals, IT administrators, network engineers, students, and business leaders who want to understand modern cyber threats and defense strategies. It’s also a valuable resource for decision-makers seeking insight into cybersecurity investments and strategic planning. With clear explanation of cybersecurity concepts suited to all levels of expertise, this book equips you to apply the cyber kill chain framework in real-world scenarios, covering key topics such as threat actors, social engineering, and infrastructure security.

Strengthen your incident response strategy and build operational resilience by sharpening your incident management skills for industrial control systems in critical infrastructure Free with your book: DRM-free PDF version + access to Packt's next-gen Reader* Key Features Understand OT incident management with a focus on IACS, their security challenges, and role in CI Develop training and exercise methods to boost ICS incident readiness for your organization Be better prepared for incidents in CI and understand the importance of government reporting Get With Your Book: PDF Copy, AI Assistant, and Next-Gen Reader Free Book DescriptionIncident Management for Industrial Control Systems is a practical guide that highlights the vital role of effective incident response in protecting complex industrial environments. The author distills nearly two decades of experience in this book to explain the foundational role of critical infrastructure (CI), exploring the world of operational technology (OT), emphasizing Industrial Automation and Control Systems (IACS) and their evolving threat landscape. The book simplifies the complexities of incident command systems (ICSs) for CI, addressing emergency operations, specialized frameworks, and compliance standards. With actionable insights, it also guides you through drills, scenario planning, and improving response strategies across varied operational environments. You’ll gain practical experience in ICS-focused training and exercises, grounded in widely adopted industry frameworks. The chapters further discuss FEMA’s ICS, OT fundamentals, and the nuances of incident management standards. By the end of this book, you'll have a solid grasp of CI operations, core cybersecurity principles, and the dynamics of incident response across industrial control systems and broader OT environments. *Email sign-up and proof of purchase requiredWhat you will learn Differentiate between IT, OT, and ICS for a comprehensive understanding Recognize threats to ICS, including cyber attacks and physical damage Gain insights into specialized incident command systems for critical infrastructure Explore advanced considerations for optimizing exercises within organizations Familiarize yourself with global perspectives on critical infrastructure security Understand ICS components in various sectors, such as energy, transportation, and manufacturing Who this book is for This book is for critical infrastructure security and incident response professionals, process control engineers, automation specialists, control systems analysts, safety engineers, security managers, physical security specialists, network security analysts, and cybersecurity consultants. To get the most out of this book, you’ll need to be familiar with the basics of information security, industrial manufacturing, and incident response.

When you know what hackers know, you re better able to protect your online information. With this book you ll learn just what Kali Linux is capable of and get the chance to use a host of recipes. Key Features Recipes designed to educate you extensively on the penetration testing principles and Kali Linux tools Learning to use Kali Linux tools, such as Metasploit, Wire Shark, and many more through in-depth and structured instructions Teaching you in an easy-to-follow style, full of examples, illustrations, and tips that will suit experts and novices alike Book DescriptionIn this age, where online information is at its most vulnerable, knowing how to execute the same attacks that hackers use to break into your system or network helps you plug the loopholes before it's too late and can save you countless hours and money. Kali Linux is a Linux distribution designed for penetration testing and security auditing. It is the successor to BackTrack, the world's most popular penetration testing distribution. Discover a variety of popular tools of penetration testing, such as information gathering, vulnerability identification, exploitation, privilege escalation, and covering your tracks. Packed with practical recipes, this useful guide begins by covering the installation of Kali Linux and setting up a virtual environment to perform your tests. You will then learn how to eavesdrop and intercept traffic on wireless networks, bypass intrusion detection systems, and attack web applications, as well as checking for open ports, performing data forensics, and much more. The book follows the logical approach of a penetration test from start to finish with many screenshots and illustrations that help to explain each tool in detail. The Kali Linux Cookbook will serve as an excellent source of information for the security professional and novice alike!What you will learn Install and setup Kali Linux on multiple platforms Customize Kali Linux to your individual needs Locate vulnerabilities with Nessus and OpenVAS Exploit vulnerabilities you ve found with Metasploit Learn multiple solutions to escalate privileges on a compromised machine Understand how to use Kali Linux in all phases of a penetration test Crack WEP/WPA/WPA2 encryption Simulate an actual penetration test using Kali Linux Who this book is for This book is ideal for anyone who wants to get up to speed with Kali Linux. It would also be an ideal book to use as a reference for seasoned penetration testers.

Packed with real-world examples, this book simplifies cybersecurity, delves into malware development, and serves as a must-read for advanced ethical hackers Free with your book: DRM-free PDF version + access to Packt's next-gen Reader* Key Features Learn how to develop and program Windows malware applications using hands-on examples Explore methods to bypass security mechanisms and make malware undetectable on compromised systems Understand the tactics and tricks of real adversaries and APTs and apply their experience in your operations Book DescriptionMalware Development for Ethical Hackers is a comprehensive guide to the dark side of cybersecurity within an ethical context. This book takes you on a journey through the intricate world of malware development, shedding light on the techniques and strategies employed by cybercriminals. As you progress, you’ll focus on the ethical considerations that ethical hackers must uphold. You’ll also gain practical experience in creating and implementing popular techniques encountered in real-world malicious applications, such as Carbanak, Carberp, Stuxnet, Conti, Babuk, and BlackCat ransomware. This book will also equip you with the knowledge and skills you need to understand and effectively combat malicious software. By the end of this book, you'll know the secrets behind malware development, having explored the intricate details of programming, evasion techniques, persistence mechanisms, and more. *Email sign-up and proof of purchase requiredWhat you will learn Familiarize yourself with the logic of real malware developers for cybersecurity Get to grips with the development of malware over the years using examples Understand the process of reconstructing APT attacks and their techniques Design methods to bypass security mechanisms for your red team scenarios Explore over 80 working examples of malware Get to grips with the close relationship between mathematics and modern malware Who this book is for This book is for penetration testers, exploit developers, ethical hackers, red teamers, and offensive security researchers. Anyone interested in cybersecurity and ethical hacking will also find this book helpful. Familiarity with core ethical hacking and cybersecurity concepts will help you understand the topics discussed in this book more easily.

Unlock the full potential of Palo Alto Networks firewalls with expert insights and hands-on strategies for mastering next-gen security. Free with your book: DRM-free PDF version + access to Packt's next-gen Reader* Key Features Master Palo Alto Networks firewalls with hands-on labs and expert guidance Stay up to date with the latest features, including cloud and security enhancements Learn how to set up and leverage Strata Cloud Manager Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionMastering Palo Alto Networks is the ultimate guide for anyone looking to become proficient in configuring and managing Palo Alto firewalls. Written by a seasoned security consultant and author with 25 years of expertise in network security, this book provides a comprehensive approach to mastering Palo Alto Networks’ firewalls. If you’ve struggled with managing firewall policies, setting up VPNs, or integrating cloud security, this book will provide clear solutions. You’ll get to grips with the fundamentals, and go through the entire process step by step—from initial setup to advanced configurations, gaining a solid understanding of both on-premise and cloud-based security solutions. Packed with practical examples and expert tips, chapters show you how to deploy and optimize firewall policies, secure your network, and troubleshoot issues effectively. With a focus on real-world applications, this guide covers essential topics like traffic management, threat prevention, VPN setup, and integration with Prisma Access for cloud security. By the end of this book, you’ll have the confidence and expertise to manage even the most complex network security environments, making this a must-have resource for anyone working with Palo Alto Networks. *Email sign-up and proof of purchase required.What you will learn Set up and configure Palo Alto firewalls from scratch Manage firewall policies for secure network traffic Implement VPNs and remote access solutions Optimize firewall performance and security settings Use threat prevention and traffic filtering features Troubleshoot common firewall issues effectively Integrate Palo Alto firewalls with cloud services Configure Strata Cloud Manager for network security management Who this book is for This book is perfect for network security professionals, IT administrators, and engineers looking to master Palo Alto firewalls. Whether you’re new to network security or aiming to deepen your expertise, this guide will help you overcome configuration challenges and optimize security. Basic networking knowledge is required, but no prior experience with Palo Alto is necessary.

Master identity solutions and strategies and prepare to achieve Microsoft Identity and Access Administrator SC-300 certification Purchase of this book unlocks access to web-based exam prep resources such as mock exams, flashcards, and exam tips Key Features Gain invaluable insights into SC-300 certification content from industry experts Strengthen your foundations and master all crucial concepts required for exam success Rigorous mock exams reflect the real exam environment, boosting your confidence and readiness Purchase of this book unlocks access to web-based exam prep resources including mock exams, flashcards, exam tips Book DescriptionSC-300 exam content has undergone significant changes, and this second edition aligns with the revised exam objectives. This updated edition gives you access to online exam prep resources such as chapter-wise practice questions, mock exams, interactive flashcards, and expert exam tips, providing you with all the tools you need for thorough exam preparation. You’ll get to grips with the creation, configuration, and management of Microsoft Entra identities, as well as understand the planning, implementation, and management of Microsoft Entra user authentication processes. You’ll learn to deploy and use new Global Secure Access features, design cloud application strategies, and manage application access and policies by using Microsoft Cloud App Security. You’ll also gain experience in configuring Privileged Identity Management for users and guests, working with the Permissions Creep Index, and mitigating associated risks. By the end of this book, you’ll have mastered the skills essential for securing Microsoft environments and be able to pass the SC-300 exam on your first attempt.What you will learn Implement an identity management solution using Microsoft Entra ID Manage identity with MFA, conditional access and identity protection Design, implement, and monitor the integration single sign-on (SSO) Deploy the new Global Secure Access features Add apps to your identity and access solution with app registration Design and implement identity governance for your identity solution Who this book is for This book is for cloud security engineers, Microsoft 365 administrators, Microsoft 365 users, Microsoft 365 identity administrators, and anyone who wants to learn identity and access management and gain SC-300 certification. A basic understanding of the fundamental services within Microsoft 365 and Azure Active Directory is needed before getting started with this book.

Become a Security Copilot expert and harness the power of AI to stay ahead in the evolving landscape of cyber defense Key Features Explore the Security Copilot ecosystem and learn to design effective prompts, promptbooks, and custom plugins Apply your knowledge with real-world case studies that demonstrate Security Copilot in action Transform your security operations with next-generation defense capabilities and automation Access interactive learning paths and GitHub-based examples to build practical expertise Book Description Be at the forefront of cybersecurity innovation with Microsoft Security Copilot, where advanced AI tackles the intricate challenges of digital defense. This book unveils Security Copilot’s powerful features, from AI-powered analytics revolutionizing security operations to comprehensive orchestration tools streamlining incident response and threat management. Through real-world case studies and frontline stories, you’ll learn how to truly harness AI advancements and unlock the full potential of Security Copilot within the expansive Microsoft ecosystem. Designed for security professionals navigating increasingly sophisticated cyber threats, this book equips you with the skills to accelerate threat detection and investigation, refine your security processes, and optimize cyber defense strategies. By the end of this book, you’ll have become a Security Copilot ninja, confidently crafting effective prompts, designing promptbooks, creating custom plugins, and integrating logic apps for enhanced automation. What you will learn Navigate and use the complete range of features in Microsoft Security Copilot Unlock the full potential of Security Copilot's diverse plugin ecosystem Strengthen your prompt engineering skills by designing impactful and precise prompts Create and optimize promptbooks to streamline security workflows Build and customize plugins to meet your organization's specific needs See how AI is transforming threat detection and response for the new era of cyber defense Understand Security Copilot's pricing model for cost-effective solutions Who this book is for This book is for cybersecurity professionals at all experience levels, from beginners seeking foundational knowledge to seasoned experts looking to stay ahead of the curve. While readers with basic cybersecurity knowledge will find the content approachable, experienced practitioners will gain deep insights into advanced features and real-world applications.

Written by a Microsoft security expert, this practical guide helps you harness PowerShell's offensive and defensive capabilities to strengthen your organization's security. Purchase of the print or Kindle book includes a free PDF eBook Key Features Master PowerShell for security—configure, audit, monitor, exploit, and bypass defenses Gain insights from a Microsoft expert and creator of PowerShell tools EventList and JEAnalyzer Build stealthy techniques to evade controls while improving detection and response Learn practical techniques from real-world case studies to enhance your security operations Book DescriptionTake your cybersecurity skills to the next level with this comprehensive PowerShell security guide! Whether you're on the red or blue team, you'll gain a deep understanding of PowerShell's security capabilities and how to apply them. With years of hands-on experience, the author brings real-world use cases to demonstrate PowerShell’s critical role in offensive and defensive security. After covering PowerShell basics and scripting fundamentals, you'll explore PowerShell Remoting and remote management technologies. You'll learn to configure and analyze Windows event logs, identifying crucial logs and IDs for effective monitoring. The book delves into PowerShell's interaction with system components, Active Directory, and Azure AD, including stealth execution methods. You’ll uncover authentication protocols, enumeration, credential theft, and exploitation, providing strategies to mitigate these risks. A dedicated red and blue team cookbook offers practical security tasks. Finally, you'll delve into mitigations such as Just Enough Administration, AMSI, application control, and code signing, emphasizing configuration, risks, exploitation, bypasses, and best practices. By the end of this book, you’ll confidently apply PowerShell for cybersecurity, from detection to defense, staying ahead of cyber threats.What you will learn Leverage PowerShell, its mitigation techniques, and detect attacks Fortify your environment and systems against threats Get unique insights into event logs and IDs in relation to PowerShell and detect attacks Configure PSRemoting and learn about risks, bypasses, and best practices Use PowerShell for system access, exploitation, and hijacking Red and blue team introduction to Active Directory and Azure AD security Discover PowerShell security measures for attacks that go deeper than simple commands Explore JEA to restrict what commands can be executed Who this book is for This book is for security professionals, penetration testers, system administrators, red and blue team members, and cybersecurity enthusiasts aiming to enhance their security operations using PowerShell. Whether you're experienced or new to the field, it offers valuable insights and practical techniques to leverage PowerShell for various security tasks. A basic understanding of PowerShell and cybersecurity fundamentals is recommended. Familiarity with concepts such as Active Directory, as well as programming languages like C and Assembly, can be beneficial.

Learn to build, test, and optimize high-fidelity security detections with hands-on labs, real-world scenarios, and industry frameworks like MITRE ATT&CK to master detection engineering and boost your career. Key Features Master the core principles of detection engineering, from development to validation Follow practical tutorials and real-world examples to build and test detections effectively Boost your career using cutting-edge, open-source tools and community-driven content Book DescriptionThreat validation is the backbone of every strong security detection strategy—it ensures your detection pipeline is effective, reliable, and resilient against real-world threats. This comprehensive guide is designed for those new to detection validation, offering clear, actionable frameworks to help you assess, test, and refine your security detections with confidence. Covering the entire detection lifecycle, from development to validation, this book provides real-world examples, hands-on tutorials, and practical projects to solidify your skills. Beyond just technical know-how, this book empowers you to build a career in detection engineering, equipping you with the essential expertise to thrive in today’s cybersecurity landscape. By the end of this book, you'll have the tools and knowledge to fortify your organization’s defenses, enhance detection accuracy, and stay ahead of cyber threats. What you will learn Boost your career as a detection engineer Use industry tools to test and refine your security detections Create effective detections to catch sophisticated threats. Build a detection engineering test lab Make the most of the detection engineering life cycle Harness threat intelligence for detection with open-source intelligence and assessments Understand the principles and concepts that form the foundation of detection engineering Identify critical data sources and overcome integration challenges Who this book is for This book is for SOC analysts, threat hunters, security engineers, and cybersecurity professionals looking to master detection engineering. Ideal for those seeking to build, test, and optimize high-fidelity security detections.

Build a modern security intelligence program with Sumo Logic that combines DevSecOps practices, Cloud SIEM insights, and automation to detect, investigate, and respond faster while ensuring compliance Free with your book: DRM-free PDF version + access to Packt's next-gen Reader* Key Features Master essential skills for security monitoring and analytics using Sumo Logic Perform advanced threat hunting using Cloud SIEM in Sumo Logic Get up to speed quickly and easily with this practical guide for security analysts Purchase of the print or Kindle book includes a free PDF eBook Book Description Modernize your security operations with Sumo Logic’s Continuous Intelligence Platform that delivers real-time detection, analysis, and response to threats, and find out how it enables security teams to unify monitoring, apply advanced analytics, and strengthen defenses across diverse environments. Step by step, this guide takes you through configuring Sumo Logic to ingest and visualize log data, running versatile queries, and using Security Apps to meet compliance and audit demands. You’ll learn how to take full advantage of Cloud SIEM by creating enriched records, building correlation rules, proactively threat hunting, and tuning signals to reduce false positives. Beyond traditional SIEM use cases, discover how Sumo Logic supports modern DevSecOps practices that embed security into the development lifecycle without compromising delivery speed and features such as entity inventory, third-party integrations, and best practices that enhance investigation and detection accuracy. Finally, you’ll prepare for the future of security intelligence, where automation, machine learning, and AI-driven insights reshape threat defense, ensuring you’re ready to transform your security operations with Sumo Logic Cloud SIEM. *Email sign-up and proof of purchase required What you will learn Discover why advanced security intelligence matters and how to achieve it with Sumo Logic Explore the Sumo Logic platform to perform security monitoring and analytics Understand Sumo Logic Cloud SIEM and modernize your security operations Leverage Sumo Logic's cloud-native SIEM for threat detection and threat hunting Implement best practices and techniques to make full use of what Sumo Logic offers Adapt to the future of security intelligence Who this book is for The book covers everything from basics to best practices so that you can make the most of Sumo Logic. It equips you with the practical knowledge that transforms how you develop and implement cybersecurity intelligence solutions.

Develop the SOC analysis, triage, and investigation skills needed to succeed as a SOC analyst with the help of hands-on labs, exercises, and scenario-based training Key Features Master SIEM and learn to investigate, triage, and move beyond automation via SOAR Explore an operational SOC from the inside-out and develop a coherent career path Understand the role of the SOC in delivering business value through the CIA triad to the enterprise Get With Your Book: PDF Copy, AI Assistant, and Next-Gen Reader Free Book DescriptionAs cyberattacks continue to disrupt modern enterprises, organizations urgently need vigilant security operations center (SOC) analysts who can detect and stop threats fast. With modern SIEMs and ingestion strategies, much of the necessary data is already within easy reach. This book provides you with the daily tactics, techniques, and procedures of a SOC analyst and shows how to exceed expectations in a modern SOC. The book builds a solid foundation in security operations, preparing you for the SOC analyst role and other positions within the SOC. With this base in place, you’ll advance into key SOC roles and blue team principles, such as detection and engineering. You’ll be able to clearly articulate your future as a SOC analyst in an interview as well as talk about your career path to impress prospective employers. You’ll get to grips with advanced threat actors, including advanced persistent threats (APTs) that wield considerable resources in campaigning against an organization. The chapters cover important concepts, such as governance, risk, and compliance (GRC), blue and red team tools, network security, web app security, and job search skills. By the end of this book, you’ll be able to demonstrate competency and acquire a SOC analyst position with an additional career outlook moving forward.What you will learn Explore security operations and see how it fits into an overall business Discover the key functions and real-world duties of a SOC analyst Understand and master the tools of the trade, including SIEM Develop a home lab with an operational SIEM and EDR solution Create a compelling portfolio to impress prospective employers Perfect your interviewing skills and land a SOC analyst job Who this book is for This guide is for anyone interested in becoming a SOC analyst and entering the field of cybersecurity supporting a security operations center or managed security services provider (MSSP). Basic networking and computer skills, such as the skills covered in CompTIA A+ or Network+, will be needed to grasp the topics covered with ease.

Build threat modeling skills with practical advanced techniques to enhance risk analysis, optimize security measures, and stay ahead of emerging threats in the complex cybersecurity landscape Free with your book: DRM-free PDF version + access to Packt's next-gen Reader* Key Features Identify and mitigate security threats across software, cloud, mobile, IoT, and supply chains using STRIDE, PASTA, and MITRE ATT&CK Learn from real-world case studies showing practical threat modeling applications across industries Build threat modeling programs with the right team, tools, SDLC integration, and continuous improvement Book DescriptionThreat modeling has become a cornerstone of modern cybersecurity, yet it is often overlooked, leaving security gaps that attackers can exploit. With the rise in system complexity, cloud adoption, AI-driven threats, and stricter compliance requirements, security teams need a structured approach to proactively spot and stop risks before attackers do. This book delivers exactly that, offering actionable insights for applying industry best practices and emerging technologies to secure systems. It breaks down the fundamentals of threat modeling and walks you through key frameworks and tools such as STRIDE, MITRE ATT&CK, PyTM, and Attack Paths, helping you choose the right model and create a roadmap tailored to your business. You'll learn how to use leading threat modeling tools, identify and prioritize potential threats, and integrate these practices into the software development life cycle to detect risks early. The book also examines how AI can enhance analysis and streamline security decision-making for faster, stronger defenses. By the end, you'll have everything you need to build systems that anticipate and withstand evolving threats, keeping your organization secure in an ever-changing digital landscape. *Email sign-up and proof of purchase requiredWhat you will learn Create foundational threat modeling artifacts like Data Flow Diagrams and security architecture diagrams to visualize system threats Understand the relationship between vulnerabilities (exploitable weaknesses) and threats (sources of harm) Analyze real-world case studies to see how threat modeling is applied in industry incidents Evaluate and compare popular threat modeling tools, both open source and commercial Explore advanced topics, including threat modeling for cloud environments and integrating with DevSecOps Who this book is for This book is for cybersecurity professionals, security consultants, penetration testers, and compliance managers seeking to integrate threat modeling into their assessment methodologies and client engagements. It’s also ideal for software architects, DevOps engineers, risk managers, and organizational leaders responsible for identifying, assessing, and mitigating security risks in their technological environments. Whether you’re new to threat modeling or looking to enhance your existing expertise, this book helps you with foundational knowledge as well as advanced techniques.

A practical guide to modern cybersecurity using Microsoft tools, covering step-by-step setup, Zero Trust AI integration, and security framework alignment Free with your book: DRM-free PDF version + access to Packt's next-gen Reader* Key Features Deploy Microsoft Sentinel with end-to-end guidance, including CI/CD automation and scalable architecture Integrate Security Copilot with Defender XDR to enable AI-driven threat detection and response Implement Zero-Trust strategies and align with modern DevSecOps and cybersecurity frameworks Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionIn the evolving cybersecurity landscape, the integration of Microsoft Defender XDR and Security Copilot presents a game-changing approach to modern threat detection and response. With this book, you’ll understand how these tools, in conjunction with Microsoft’s extensive ecosystem, enable organizations to outpace emerging threats. Starting with core XDR concepts, security frameworks, and Microsoft’s competitive advantages in cybersecurity, you’ll master the foundational aspects of deploying Microsoft Sentinel, configuring security infrastructure, and optimizing security operations using AI-driven tools. Advanced topics, including Zero-Trust strategies, DevSecOps integration, and partner programs, prepare you for increasingly sophisticated scenarios in Microsoft cloud security. You’ll also explore practical deployment workflows, covering cost analysis, role-based access configurations, and fast-tracked Sentinel deployment using CI/CD pipelines. By the end of this book, you’ll have gained insights into security automation, threat detection, and AI integration with Security Copilot for optimized operations and have the confidence to implement and manage Microsoft Defender XDR and Sentinel in complex environments, driving scalable and secure solutions. *Email sign-up and proof of purchase requiredWhat you will learn Deploy Microsoft Sentinel with RBAC, governance, and financial planning Align security programs with Zero Trust and global frameworks Automate assessments with ScubaGear, Maester, and Azure DevOps Build secure Sentinel foundations with Entra ID, PIM, and management groups Onboard customers and partners via Azure Lighthouse and GDAP Master the Sentinel workflow backbone: KQL, detections, automation, MITRE ATT&CK Accelerate rollouts using FastTrack deployment and CI/CD pipelines Harness Security Copilot for AI-assisted detection and investigation Who this book is for This book is for you if you have a solid understanding of Microsoft security products and Azure and are now looking to expand your expertise by incorporating Microsoft Sentinel. Security experts using alternative SIEM tools who want to adopt Microsoft Sentinel as an additional or replacement service will also find this book useful.