Book picks similar to
AWS Security Best Practices (AWS Whitepaper) by Amazon Web Services
aws
tech
computer-security
cybersecurity
Microservices on AWS (AWS Whitepaper)
AWS Whitepapers - 2017
This approach includes scaling organizations that deliver software and services. Using a microservices approach, software is composed of small independent services that communicate over well-defined APIs. These services are owned by small self-contained teams. In this whitepaper, we summarize the common characteristics of microservices, talk about the main challenges of building microservices, and describe how product teams can leverage Amazon Web Services (AWS) to overcome those challenges. This documentation is offered for free here as a Kindle book, or you can read it in PDF format at https://aws.amazon.com/whitepapers/.
Architecting for the AWS Cloud: Best Practices (AWS Whitepaper)
Amazon We Services - 2016
It discusses cloud concepts and highlights various design patterns and best practices. This documentation is offered for free here as a Kindle book, or you can read it in PDF format at https://aws.amazon.com/whitepapers/.
Managing Risk and Information Security: Protect to Enable
Malcolm Harkins - 2012
Because almost every aspect of an enterprise is now dependent on technology, the focus of IT security must shift from locking down assets to enabling the business while managing and surviving risk. This compact book discusses business risk from a broader perspective, including privacy and regulatory considerations. It describes the increasing number of threats and vulnerabilities, but also offers strategies for developing solutions. These include discussions of how enterprises can take advantage of new and emerging technologiessuch as social media and the huge proliferation of Internet-enabled deviceswhile minimizing risk. With ApressOpen, content is freely available through multiple online distribution channels and electronic formats with the goal of disseminating professionally edited and technically reviewed content to the worldwide community. Here are some of the responses from reviewers of this exceptional work: Managing Risk and Information Security is a perceptive, balanced, and often thought-provoking exploration of evolving information risk and security challenges within a business context. Harkins clearly connects the needed, but often-overlooked linkage and dialog between the business and technical worlds and offers actionable strategies. The book contains eye-opening security insights that are easily understood, even by the curious layman. Fred Wettling, Bechtel Fellow, IS&T Ethics & Compliance Officer, Bechtel As disruptive technology innovations and escalating cyber threats continue to create enormous information security challenges, Managing Risk and Information Security: Protect to Enable provides a much-needed perspective. This book compels information security professionals to think differently about concepts of risk management in order to be more effective. The specific and practical guidance offers a fast-track formula for developing information security strategies which are lock-step with business priorities. Laura Robinson, Principal, Robinson Insight Chair, Security for Business Innovation Council (SBIC) Program Director, Executive Security Action Forum (ESAF) The mandate of the information security function is being completely rewritten. Unfortunately most heads of security havent picked up on the change, impeding their companies agility and ability to innovate. This book makes the case for why security needs to change, and shows how to get started. It will be regarded as marking the turning point in information security for years to come. Dr. Jeremy Bergsman, Practice Manager, CEB The world we are responsible to protect is changing dramatically and at an accelerating pace. Technology is pervasive in virtually every aspect of our lives. Clouds, virtualization and mobile are redefining computing and they are just the beginning of what is to come. Your security perimeter is defined by wherever your information and people happen to be.
The Anatomy of the Swipe: Making Money Move
Ahmed Siddiqui - 2020
Yet, not many people understand how payment systems in the US work. Those that do "get it" are unlocking multi-billion dollar opportunities. If you've ever wondered what happens when you actually swipe/dip/tap your credit card or debit card then The Anatomy of the Swipe breaks down the details in the simplest manner possible. Here are some questions answered within these pages:How does money move from my credit card to my favorite coffee shop? How can I build a neo-bank? How can I build my own debit or credit card? How can I accept card based payments? The Anatomy of the Swipe speaks to software developers and entrepreneurs who are looking at implementing card-based payments for the first time, merchants who want to be able to accept payments for a website or store, or those who want to issue their own debit/credit card. This book walks beginners through modern innovations created because of card-based payments, as well as the motivations and revenue models of each party in the payments ecosystem.
Zero Day: The Threat In Cyberspace
Robert O'Harrow Jr. - 2013
For more than a year, Washington Post reporter Robert O'Harrow has explored the threats proliferating in our digital universe. This eBook is a compilation of that reporting. With chapters built around real people, including hackers, security researchers and corporate executives, this book will help regular people, lawmakers and businesses better understand the mind-bending challenge of keeping the internet safe from hackers and security breaches -- and all out war.
Building Cloud Apps with Microsoft Azure: Best Practices for DevOps, Data Storage, High Availability, and More (Developer Reference)
Scott Guthrie - 2014
The patterns apply to the development process as well as to architecture and coding practices. The content is based on a presentation developed by Scott Guthrie and delivered by him at the Norwegian Developers Conference (NDC) in June of 2013 (part 1, part 2), and at Microsoft Tech Ed Australia in September 2013 (part 1, part 2). Many others updated and augmented the content while transitioning it from video to written form. Who should read this book Developers who are curious about developing for the cloud, are considering a move to the cloud, or are new to cloud development will find here a concise overview of the most important concepts and practices they need to know. The concepts are illustrated with concrete examples, and each chapter includes links to other resources that provide more in-depth information. The examples and the links to additional resources are for Microsoft frameworks and services, but the principles illustrated apply to other web development frameworks and cloud environments as well. Developers who are already developing for the cloud may find ideas here that will help make them more successful. Each chapter in the series can be read independently, so you can pick and choose topics that you're interested in. Anyone who watched Scott Guthrie's "Building Real World Cloud Apps with Windows Azure" presentation and wants more details and updated information will find that here. Assumptions This ebook expects that you have experience developing web applications by using Visual Studio and ASP.NET. Familiarity with C# would be helpful in places.
Applied Cryptography: Protocols, Algorithms, and Source Code in C
Bruce Schneier - 1993
… The book the National Security Agency wanted never to be published." –Wired Magazine "…monumental… fascinating… comprehensive… the definitive work on cryptography for computer programmers…" –Dr. Dobb's Journal"…easily ranks as one of the most authoritative in its field." —PC Magazine"…the bible of code hackers." –The Millennium Whole Earth CatalogThis new edition of the cryptography classic provides you with a comprehensive survey of modern cryptography. The book details how programmers and electronic communications professionals can use cryptography—the technique of enciphering and deciphering messages-to maintain the privacy of computer data. It describes dozens of cryptography algorithms, gives practical advice on how to implement them into cryptographic software, and shows how they can be used to solve security problems. Covering the latest developments in practical cryptographic techniques, this new edition shows programmers who design computer applications, networks, and storage systems how they can build security into their software and systems. What's new in the Second Edition? * New information on the Clipper Chip, including ways to defeat the key escrow mechanism * New encryption algorithms, including algorithms from the former Soviet Union and South Africa, and the RC4 stream cipher * The latest protocols for digital signatures, authentication, secure elections, digital cash, and more * More detailed information on key management and cryptographic implementations
The Devil's Blade
Amy Cross - 2018
Her pictures show figures that shouldn't be there, figures that hint at the church's true nature. But by the time she understands what she's uncovered, it might be too late for Kate to escape.Meanwhile, as she gets closer to the enigmatic John Dagwood, Kate comes to question her new friend's collection of medieval surgical equipment. Is Dagwood really just a man with a love of history, or is he involved with the same forces that lurk somewhere beneath the church? The Devil's Blade - originally published as The Devil's Photographer - is a horror story about one woman's fight to avoid being used as part of a cult's terrible plan.
The LogStash Book
James Turnbull - 2013
We're going to do that by introducing you to Example.com, where you're going to start a new job as one of its SysAdmins. The first project you'll be in charge of is developing its new log management solution. We'll teach you how to:* Install and deploy LogStash.* Ship events from a LogStash Shipper to a central LogStash server.* Filter incoming events using a variety of techniques.* Output those events to a selection of useful destinations.* Use LogStash's Web interface and alternative interfaces like Kibana.* Scale out your LogStash implementation as your environment grows.* Quickly and easily extend LogStash to deliver additional functionality you might need.By the end of the book you should have a functional and effective log management solution that you can deploy into your own environment.
Real World Java EE Patterns--Rethinking Best Practices
Adam Bien - 2009
:-)
CISSP for Dummies [With CDROM]
Lawrence C. Miller - 2002
The topics covered in the exam include: network security, security management, systems development, cryptography, disaster recovery, law, and physical security. CISSP For Dummies, 3rd Edition is the bestselling guide that covers the CISSP exam and helps prepare those wanting to take this security exam. The 3rd Edition features 200 additional pages of new content to provide thorough coverage and reflect changes to the exam. Written by security experts and well-known Dummies authors, Peter Gregory and Larry Miller, this book is the perfect, no-nonsense guide to the CISSP certification, offering test-taking tips, resources, and self-assessment tools.Fully updated with 200 pages of new content for more thorough coverage and to reflect all exam changesSecurity experts Peter Gregory and Larry Miller bring practical real-world security expertiseCD-ROM includes hundreds of randomly generated test questions for readers to practice taking the test with both timed and untimed versions"CISSP For Dummies, 3rd Edition" can lead you down the rough road to certification successNote: CD-ROM/DVD and other supplementary materials are not included as part of eBook file.
Professional Test Driven Development with C#: Developing Real World Applications with Tdd
James Bender - 2011
This hands-on guide provides invaluable insight for creating successful test-driven development processes. With source code and examples featured in both C# and .NET, the book walks you through the TDD methodology and shows how it is applied to a real-world application. You'll witness the application built from scratch and details each step that is involved in the development, as well as any problems that were encountered and the solutions that were applied.Clarifies the motivation behind test-driven development (TDD), what it is, and how it works Reviews the various steps involved in developing an application and the testing that is involved prior to implementing the functionality Discusses unit testing and refactoring Professional Test-Driven Development with C# shows you how to create great TDD processes right away.
Writing Secure Code
Michael Howard - 2001
You need to assume it will run in the most hostile environments imaginable -- and design, code, and test accordingly. Writing Secure Code, Second Edition shows you how. This edition draws on the lessons learned and taught throughout Microsoft during the firm s massive 2002 Windows Security Push. It s a huge upgrade to the respected First Edition, with new coverage across the board. Michael Howard and David LeBlanc first help you define what security means to your customers -- and implement a three-pronged strategy for securing design, defaults, and deployment. There s especially useful coverage of threat modeling -- decomposing your application, identifying threats, ranking them, and mitigating them. Then, it s on to in-depth coverage of today s key security issues from the developer s standpoint. Everyone knows buffer overruns are bad: Here s a full chapter on avoiding them. You ll learn how to establish appropriate access controls and default to running with least privilege. There s detailed coverage of overcoming attacks on cryptography (for example, avoiding poor random numbers and bit-flipping attacks). You ll learn countermeasures for virtually every form of user input attack, from malicious database updates to cross-site scripting. We ve just scratched the surface: There are authoritative techniques for securing sockets and RPC, protecting against DOS attacks, building safer .NET applications, reviewing and testing code, adding privacy features, and even writing high-quality security documentation. Following these techniques won t just improve security -- it ll dramatically improve robustness and reliability, too. Bill CamardaBill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks For Dummies®, Second Edition.
Geekonomics: The Real Cost of Insecure Software
David Rice - 2007
It explains why low-quality software is continually distributed, why consumers willingly purchase unreliable software, why governments leave the industry alone, and what can be done to improve matters.
Ghost in the Wires: My Adventures as the World's Most Wanted Hacker
Kevin D. Mitnick - 2011
While other nerds were fumbling with password possibilities, this adept break-artist was penetrating the digital secrets of Sun Microsystems, Digital Equipment Corporation, Nokia, Motorola, Pacific Bell, and other mammoth enterprises. His Ghost in the Wires memoir paints an action portrait of a plucky loner motivated by a passion for trickery, not material game. (P.S. Mitnick's capers have already been the subject of two books and a movie. This first-person account is the most comprehensive to date.)