Klicka på en bild för att gå till Google Book Search.
|
Laddar... The Art of Attack: Attacker Mindset for Security Professionalsav Maxie Reynolds
Ingen/inga Det finns inga diskussioner på LibraryThing om den här boken.  scottjpearson | Sep 18, 2023 |  inga recensioner | lägg till en recension
"Take on the perspective of an attacker with this insightful new resource for ethical hackers, pentesters, and social engineers In The Art of Attack: Attacker Mindset for Security Professionals, experienced physical pentester and social engineer Maxie Reynolds untangles the threads of a useful, sometimes dangerous, mentality. The book shows ethical hackers, social engineers, and pentesters what an attacker mindset is and how to use it to their advantage. Adopting this mindset will result in the improvement of security, offensively and defensively, by allowing you to see your environment objectively through the eyes of an attacker. The book shows you the laws of the mindset and the techniques attackers use, from persistence to "start with the end" strategies and non-linear thinking, that make them so dangerous. You'll discover: A variety of attacker strategies, including approaches, processes, reconnaissance, privilege escalation, redundant access, and escape techniques The unique tells and signs of an attack and how to avoid becoming a victim of one What the science of psychology tells us about amygdala hijacking and other tendencies that you need to protect against Perfect for red teams, social engineers, pentesters, and ethical hackers seeking to fortify and harden their systems and the systems of their clients, The Art of Attack is an invaluable resource for anyone in the technology security space seeking a one-stop resource that puts them in the mind of an attacker."--Publisher. Inga biblioteksbeskrivningar kunde hittas. |
Pågående diskussionerIngen/ingaPopulära omslag 
 Google Books — Laddar...GenrerMelvil Decimal System (DDC)005.8Information Computer Science; Knowledge and Systems Computer programming, programs, data, security Computer SecurityKlassifikation enligt LCBetygMedelbetyg: (5)
Är det här du? |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
2
I work in IT, and I wanted to read this book to better anticipate cyberattacks. It did not meet that goal, lamentably, but it taught me much more about how to think about social factors that go into an attack. It taught me how to recognize when a human tries to gain secretive information. By itself, this first step can teach how to protect oneself through later actions.
Many of the examples here are from the physical world. They talk about infiltrating something like a business or an office… or talking someone into divulging information… or how acting and security relate intimately. This book does not talk in detail about attack vectors in cyberspace, though, aside from gaining reconnaissance information. Many cybersecurity professionals – and more importantly, many organizations – do not adequately address the human side of an attack well. Reynolds introduces us specific ways to master this mindset in ourselves so that we can better defend ourselves, our workplaces, and our careers.
Although it did not fulfill my initial desires, this book taught me a lot. It began a daily habit of looking for ways that others might take advantage of vulnerabilities I present. As a main drawback, however, it overuses acronyms and jargon. She uses terms like “AMS” (Attacker Mindset) and “EA” (Ethical Attacker) way too much. She should just use the actual words so that I, as a reader, don’t have to mentally “look up” what those words mean.
As described in the subtitle, this book’s intended audience is security professionals. That’s somewhat of a misnomer. It should also be read by organizational leaders and other prime targets of attackers. Today, many of us cannot hide behind security professionals to anticipate our needs and teach us how to behave. We need to carefully apprehend the attacker mindset ourselves. This book provides an excellent way to do so. I still seek to read another book or two on technical details of cybersecurity, but Reynolds has masterfully taught me the often-overlooked psychology. (