We trust you will benefit from the following information security resources.
Today, creating a truly secure IT infrastructure requires access to highly specialized knowledge, intelligence, and expertise in order to stay at least one step ahead of the evolving risks. Because Praetorian is an authority on information security, your business can leverage our subject matter expertise to solve these challenging business problems. To that end, we invite you to enjoy the following information security resources.
Now enterprise IT leaders can maximize budgets and outcomes by focusing on the five fundamental data-driven strategies detailed in this report.
Praetorian spent countless hours analyzing data from 75 companies, 100 penetration tests, and 450 real-world attacks to discover the "Top 5 Attack Vectors" used to compromise the networks of today's leading organizations. Now enterprise IT leaders can maximize budgets and outcomes by focusing on the five fundamental data-driven strategies detailed in this report.
Report Press Coverage:
Attacker’s Playbook Top 5 Is High On Passwords, Low On Malware - Dark Reading
Attackers don’t need vulnerabilities when the basics work just as well - CSO Online
Software exploits overrated - it’s the humans you need to be watching - The Register
Results from this 12-page report reveal that 8 out of 10 mobile apps from leading megabanks, regional banks, and credit unions contain security weaknesses.
Praetorian has identified build and configuration weaknesses in the overwhelming majority of mobile banking apps available on the App Store and Google Marketplace. While cursory, the results of the analysis indicate a need for continued improvement in mobile application security as the critical underpinnings of society become increasingly dependent on mobile technology.
Report Press Coverage:
Weak Security In Most Mobile Banking Apps - Dark Reading
Daily Open Source Infrastructure Report - U.S. Dept. of Homeland Security
How To Dodge 7 Mobile Banking Threats - NASDAQ
Are mobile apps dangerous to your wealth? - MSN Money
Threat of the Week: Mobile Banking App Flaws - Credit Union Times
Praetorian Study Reveals 8 out of 10 Mobile Banking Apps Have Security Flaws - PaymentWeek
Creator and Project Lead: Josh Abraham
Developers: Anthony Weems, Coleton Pierson
A scalable, on-demand, cost-effective, and secure password cracking solution. Coupled with advanced reporting, organizations can finally measure password complexity and policy effectiveness to illuminate potential exposures due to weak passwords.
Press Coverage during the Black Hat 2013 Launch:
New Free Service Cracks Weak Passwords - Dark Reading
Praetorian Launches Cloud-based Password Cracking Service - SecurityWeek
Tools for Heavy-Duty Attacks Get a Little Too Easy - SlashDot
Favorite Thing Out of This Year's Black Hat? - Ask Slashdot
Contributing Author: Nathan Sportsman
A fully updated edition of the world's bestselling computer security book
Hacking Exposed 7: Network Security Secrets and Solutions is filled with all-new information on today's most devastating attacks and proven countermeasures. The book covers: advanced persistent threats; infrastructure hacks; industrial automation and embedded devices; wireless security; the new SCADA protocol hacks; Microsoft Windows Server 2010; Web 2.0; Ubuntu Linux; hardware; Cisco; RFID; malware; and more! The 7th Edition also features a new “5 Deployments” approach for the first time that provides five key actions for every countermeasure—focused on five areas of expertise: 1. Network Security, 2. Server Security, 3. Mobile Security, 4. Endpoint Security, 5. Web Security
Hacking Exposed 7 applies the authors' internationally recognized and highly sought-after computer security methodologies, technical rigor, and from-the-trenches experience to making computer technology usage and deployments safer and more secure for businesses and consumers. It uncovers new, cutting-edge computer security issues.
"If there was en Encyclopedia Britannica of computer security, it would be Hacking Exposed."
Marty Roesch, creator of the Snort tool
Bruce Schneier, CTO, Counterpane Internet Security, Inc.
"Real security is proven by trying to break it, and few sources will show you how to do that better than Hacking Exposed."
Thomas Ptacek, Researcher at Arbor Networks
Contributing Author: Nathan Sportsman
The tenth anniversary edition of the world's bestselling computer security book! The original Hacking Exposed authors rejoin forces on this new edition to offer completely up-to-date coverage of today's most devastating hacks and how to prevent them. Using their proven methodology, the authors reveal how to locate and patch system vulnerabilities.
The book includes new coverage of ISO images, wireless and RFID attacks, Web 2.0 vulnerabilities, anonymous hacking tools, Ubuntu, Windows Server 2008, mobile devices, and more. Hacking Exposed 6 applies the authors' internationally renowned computer security methodologies, technical rigor, and "from-the-trenches" experience to make computer technology usage and deployments safer and more secure for businesses and consumers.
"A cross between a spy novel and a tech manual."
Mark A. Kellner, Washington Times
"The seminal book on white-hat hacking and countermeasures... Should be required reading for anyone with a server or a network to secure."
Bill Machrone, PC Magazine
"A must-read for anyone in security... One of the best security books available."
Tony Bradley, CISSP, About.com
Authors: Chris Prosise and Kevin Mandia
A strong system of defenses will save your systems from falling victim to published and otherwise uninventive attacks, but even the most heavily defended system can be cracked under the right conditions. Incident Response aims to teach you how to determine when an attack has occurred or is underway--they're often hard to spot--and show you what to do about it. Authors Kevin Mandia and Chris Prosise favor a tools- and procedures-centric approach to the subject, thereby distinguishing this book from others that catalog particular attacks and methods for dealing with each one. The approach is more generic, and therefore better suited to dealing with newly emerging attack techniques.
Anti-attack procedures are presented with the goal of identifying, apprehending, and successfully prosecuting attackers. The advice on carefully preserving volatile information, such as the list of processes active at the time of an attack, is easy to follow. The book is quick to endorse tools, the functionalities of which are described so as to inspire creative applications. Information on bad-guy behavior is top quality as well, giving readers knowledge of how to interpret logs and other observed phenomena. Mandia and Prosise don't--and can't--offer a foolproof guide to catching crackers in the act, but they do offer a great "best practices" guide to active surveillance.
Topics covered: Monitoring computer systems for evidence of malicious activity, and reacting to such activity when it's detected. With coverage of Windows and Unix systems as well as non-platform-specific resources like Web services and routers, the book covers the fundamentals of incident response, processes for gathering evidence of an attack, and tools for making forensic work easier.