Using sample charts, graphics, case studies, and war stories, Yankee Group Security Expert Andrew Jaquith demonstrates exactly how to establish effective metrics based on your organization's unique requirements. You'll discover how to quantify hard-to-measure security activities, compile and analyze all relevant data, identify strengths and weaknesses, set cost-effective priorities for improvement, and craft compelling messages for senior management. Security Metrics successfully bridges management's quantitative viewpoint with the nuts-and-bolts approach typically taken by security professionals. It brings together expert solutions drawn from Jaquith's extensive consulting work in the software, aerospace, and financial services industries, including new metrics presented nowhere else. You'll learn how to: - Replace nonstop crisis response with a systematic approach to security improvement - Understand the differences between "good" and "bad" metrics - Measure coverage and control, vulnerability management, password quality, patch latency, benchmark scoring, and business-adjusted risk - Quantify the effectiveness of security acquisition, implementation, and other program activities - Organize, aggregate, and analyze your data to bring out key insights - Use visualization to understand and communicate security issues more clearly - Capture valuable data from firewalls and antivirus logs, third-party auditor reports, and other resources - Implement balanced scorecards that present compact, holistic views of organizational security effectiveness Whether you're an engineer or consultant responsible for security and reporting to management-or an executive who needs better information for decision-making-Security Metrics is the resource you have been searching for. Andrew Jaquith, program manager for Yankee Group's Security Solutions and Services Decision Service, advises enterprise clients on prioritizing and managing security resources. He also helps security vendors develop product, service, and go-to-market strategies for reaching enterprise customers. He co-founded @stake, Inc., a security consulting pioneer acquired by Symantec Corporation in 2004. His application security and metrics research has been featured in CIO, CSO, InformationWeek, IEEE Security and Privacy, and The Economist. Foreword Preface Acknowledgments About the Author Chapter 1 Introduction: Escaping the Hamster Wheel of Pain Chapter 2 Defining Security Metrics Chapter 3 Diagnosing Problems and Measuring Technical Security Chapter 4 Measuring Program Effectiveness Chapter 5 Analysis Techniques Chapter 6 Visualization Chapter 7 Automating Metrics Calculations Chapter 8 Designing Security Scorecards Index

    

    It's not just a technical book or just a businessguide. Data is ubiquitous and it doesn't pay much attention toborders, so we've calibrated our coverage to follow it wherever itgoes.In the first edition of Big Data Now, the O'Reilly team tracked thebirth and early development of data tools and data science. Now, withthis second edition, we're seeing what happens when big data grows up:how it's being applied, where it's playing a role, and theconsequences -- good and bad alike -- of data's ascendance.We've organized the second edition of Big Data Now into five areas:Getting Up to Speed With Big Data -- Essential information on thestructures and definitions of big data.Big Data Tools, Techniques, and Strategies -- Expert guidance forturning big data theories into big data products.The Application of Big Data -- Examples of big data in action,including a look at the downside of data.What to Watch for in Big Data -- Thoughts on how big data will evolveand the role it will play across industries and domains.Big Data and Health Care -- A special section exploring thepossibilities that arise when data and health care come together.

    Due to their monopoly position in web browsers, and the fact web browsers have spread from PCs to phones, tablets and TVs; their status will continue to grow and grow. Despite their success, many software engineers are apprehensive about JavaScript and HTML. This apprehensiveness is not completely unfounded; both JavaScript and HTML were rushed in their early years, and driven by commercial rather than engineering interests. As a result, many dubious features crept into these languages. Due to backwards compatibility concerns, most of these features still remain. In addition, many software engineers have used these languages without ever learning them. JavaScript and HTML have low barriers to entry, and this, along with their similarity to other languages, led many software engineers to conclude that there really was nothing much to learn. If you have not used JavaScript and HTML for a number of years, or if you are a programmer or software engineer using other languages, you may be surprised at what they now offer. Browser based web applications are now capable of matching or exceeding the sophistication and scale of traditional desktop applications. In order to create complex web applications however, it is essential to learn these languages. This book takes the point of view that once you have a strong grasp of the fundamentals, the details will take care of themselves. It will not present you with long lists of APIs, or intricate details of every attribute, these can be found in reference manuals. It will focus on the details of each language that are fundamental to understanding how they work. This book will guide you through the process of developing a web application using HTML5, Javascript, jQuery and CSS. It contains the following content: 1. An introduction to the HTML5 markup language, and how it differs from HTML4 and XHTML. 2. An introduction to JavaScript, including an in-depth look at its use of objects and functions, along with the design patterns that support the development of robust web applications. 3. An introduction to jQuery selection, traversal, manipulation and events. 4. An in-depth look at the Web storage and IndexedDB APIs for client side data storage. 5. A guide to implementing offline web applications with the Application Cache API. 6. An introduction to the ways JavaScript can interact with the users file-system using the FileReader API. 7. The use of Web Workers in a web application to execute algorithms on background threads. 8. An introduction to AJAX, and the jQuery API supporting AJAX. 9. An introduction to Server Sent Events and Web Sockets. All subjects are introduced in the context of a sample web application. This book is intended for anyone with at least a superficial knowledge of HTML and programming.

    In this new edition, the authors explain how SQL Server 2008 R2 provides a collection of powerful new tools that extend the power of its BI toolset to Excel and SharePoint users and they show how to use SQL Server to build a successful data warehouse that supports the business intelligence requirements that are common to most organizations. Covering the complete suite of data warehousing and BI tools that are part of SQL Server 2008 R2, as well as Microsoft Office, the authors walk you through a full project lifecycle, including design, development, deployment and maintenance.Features more than 50 percent new and revised material that covers the rich new feature set of the SQL Server 2008 R2 release, as well as the Office 2010 release Includes brand new content that focuses on PowerPivot for Excel and SharePoint, Master Data Services, and discusses updated capabilities of SQL Server Analysis, Integration, and Reporting Services Shares detailed case examples that clearly illustrate how to best apply the techniques described in the book The accompanying Web site contains all code samples as well as the sample database used throughout the case studies The Microsoft Data Warehouse Toolkit, Second Edition provides you with the knowledge of how and when to use BI tools such as Analysis Services and Integration Services to accomplish your most essential data warehousing tasks.

    The programs contained in the book are not artificial, but are actual programs ae tools which have proved valuable in the production of other programs.Modern programming techniques such as structured programming and top-down design are emphasized and applied to every program. The programs are presented in a structured language called Ratfor ("Rational Fortran") which can be easily understood by anyone familiar with Fortran or PL/I, Algol, PASCAL, or similar languages. (Ratfor translates readily into Fortran or PL/I. One of the tools presented is a preprocessor to translate Ratfor into Fortran). All of the programs are complete and have been tested directly from the text. The programs are available in machine-readable form from Addison-Wesley.Software Tools is ideal for use in a "software engineering" course, for a second course in programming, or as a supplement in any programming course. All programmers, professional and student, will find the book invaluable as a source of proven, useful programs for reading and study. Numerous exercises are provided to test comprehension and to extend the concepts presented in the text.

    It provides all of JavaScript's functionality wrapped in a cleaner, more succinct syntax. In the first book on this exciting new language, CoffeeScript guru Trevor Burnham shows you how to hold onto all the power and flexibility of JavaScript while writing clearer, cleaner, and safer code.CoffeeScript: Accelerated JavaScript Development offers a thorough introduction to this new language, starting from the basics. You'll learn to use time-saving features like list comprehensions and splats, organize your code into modules with extensible classes, and deploy your work to multiple environments. Each chapter is example-driven and includes challenging exercises to push your CoffeeScript know-how further. Through the course of the book, you'll build a fast-paced multiplayer word game-writing both the client (with jQuery) and server (with Node.js) in CoffeeScript. And because the two languages are so deeply intertwined, you'll deepen your understanding of JavaScript along the way. CoffeeScript makes it easier than ever to write powerful, standards-compliant JavaScript code. CoffeeScript: Accelerated JavaScript Development lets you start doing it today.

    With laws getting stricter by the day and making it more and more difficult to properly protect your personal information, you need the most up-to-date information and tools available and that's what you will find in Incognito Toolkit! Don't let snoopers, investigators, and scammers look over your shoulder or track you while you work and play on the internet! Learn about the tools that will help you use the internet anonymously, privately, and securely to protect assets, avoid social stigmas, and make you safer. This book is full of information that large corporations, scammers, and nosy governments don't want you to find! You won't find a collection of techniques and creative methods like this anywhere else! Covered in Incognito Toolkit: - Making truly anonymous online purchases - Shortcomings of Bitcoin - Encrypting communications - Encryption for online file storage solutions - Locking down and monitoring your hardware - Browser Fingerprinting - Using TOR and VPNs - Creative Text and File Steganography Techniques - Critical Techniques for Publishing Anonymously - Cleaning photo and video metadata - Dealing with tracking cookies Updated December 4th, 2013 with new information about credit card skimmers, TOR hardware devices, and more! Scroll up and click the "Look Inside" feature on the top left hand side of the page!

    The book's conceptual presentation focuses on ADTs and the analysis of algorithms for efficiency, with a particular concentration on performance and running time. The second edition contains a new chapter that examines advanced data structures such as red black trees, top down splay trees, treaps, k-d trees, and pairing heaps among others. All code examples now conform to ANSI C and coverage of the formal proofs underpinning several key data structures has been strengthened.

    Using the concise, scenario-driven style pioneered in Scott Meyers' best-selling Effective C++, Matt Galloway brings together 52 Objective-C best practices, tips, shortcuts, and realistic code examples that are available nowhere else. Through real-world examples, Galloway uncovers little-known Objective-C quirks, pitfalls, and intricacies that powerfully impact code behavior and performance. You'll learn how to choose the most efficient and effective way to accomplish key tasks when multiple options exist, and how to write code that's easier to understand, maintain, and improve. Galloway goes far beyond the core language, helping you integrate and leverage key Foundation framework classes and modern system libraries, such as Grand Central Dispatch. Coverage includes Optimizing interactions and relationships between Objective-C objects Mastering interface and API design: writing classes that feel "right at home" Using protocols and categories to write maintainable, bug-resistant code Avoiding memory leaks that can still occur even with Automatic Reference Counting (ARC) Writing modular, powerful code with Blocks and Grand Central Dispatch Leveraging differences between Objective-C protocols and multiple inheritance in other languages Improving code by more effectively using arrays, dictionaries, and sets Uncovering surprising power in the Cocoa and Cocoa Touch frameworks

    Product Condition: No Defects.

    Why wade through a 600-page book when you can begin working productively in a matter of minutes? It's an ideal primer for Mac and PC users of the Internet who need to know a little bit about UNIX on the systems they visit.This book is the most effective introduction to UNIX in print. The fourth edition covers the highlights of the Linux operating system. It's a handy book for someone just starting with UNIX or Linux, as well as someone who encounters a UNIX system on the Internet. And it now includes a quick-reference card.Topics covered include: Linux operating system highlightsLogging in and logging outWindow systems (especially X/Motif)Managing UNIX files and directoriesSending and receiving mailRedirecting input/outputPipes and filtersBackground processingBasic network commandsv

    With this concise book, you will learn how to use the latest version of this W3C standard to retrieve and manipulate the increasing amount of public and private data available via SPARQL endpoints. Several open source and commercial tools already support SPARQL, and this introduction gets you started right away.Begin with how to write and run simple SPARQL 1.1 queries, then dive into the language's powerful features and capabilities for manipulating the data you retrieve. Learn what you need to know to add to, update, and delete data in RDF datasets, and give web applications access to this data.Understand SPARQL’s connection with RDF, the semantic web, and related specificationsQuery and combine data from local and remote sourcesCopy, convert, and create new RDF dataLearn how datatype metadata, standardized functions, and extension functions contribute to your queriesIncorporate SPARQL queries into web-based applications

    This update to the bestselling first edition dives in to cover the exciting new features of the latest release of the Android mobile platform.Providing in-depth coverage of how to build mobile applications using the next major release of the Android SDK, this invaluable resource takes a hands-on approach to discussing Android with a series of projects, each of which introduces a new feature and highlights techniques and best practices to get the most out of Android.The Android SDK is a powerful, flexible, open source platform for mobile devices Shares helpful techniques and best practices to maximize the capabilities of Android Explains the possibilities of Android through the use of a series of detailed projects Demonstrates how to create real-world mobile applications for Android phones Includes coverage of the latest version of Android Providing concise and compelling examples, Professional Android Application Development is an updated guide aimed at helping you create mobile applications for mobile devices running the latest version of Android.

    You’ll quickly discover the many advantages of the language, including access to all the great tools and libraries of the .NET platform.Reap the benefits of functional programming for your next project, whether you’re writing concurrent code, or building data- or math-intensive applications. With this comprehensive book, former F# team member Chris Smith gives you a head start on the fundamentals and walks you through advanced concepts of the F# language.Learn F#’s unique characteristics for building applicationsGain a solid understanding of F#’s core syntax, including object-oriented and imperative stylesMake your object-oriented code better by applying functional programming patternsUse advanced functional techniques, such as tail-recursion and computation expressionsTake advantage of multi-core processors with asynchronous workflows and parallel programmingUse new type providers for interacting with web services and information-rich environmentsLearn how well F# works as a scripting language