Using sample charts, graphics, case studies, and war stories, Yankee Group Security Expert Andrew Jaquith demonstrates exactly how to establish effective metrics based on your organization's unique requirements. You'll discover how to quantify hard-to-measure security activities, compile and analyze all relevant data, identify strengths and weaknesses, set cost-effective priorities for improvement, and craft compelling messages for senior management. Security Metrics successfully bridges management's quantitative viewpoint with the nuts-and-bolts approach typically taken by security professionals. It brings together expert solutions drawn from Jaquith's extensive consulting work in the software, aerospace, and financial services industries, including new metrics presented nowhere else. You'll learn how to: - Replace nonstop crisis response with a systematic approach to security improvement - Understand the differences between "good" and "bad" metrics - Measure coverage and control, vulnerability management, password quality, patch latency, benchmark scoring, and business-adjusted risk - Quantify the effectiveness of security acquisition, implementation, and other program activities - Organize, aggregate, and analyze your data to bring out key insights - Use visualization to understand and communicate security issues more clearly - Capture valuable data from firewalls and antivirus logs, third-party auditor reports, and other resources - Implement balanced scorecards that present compact, holistic views of organizational security effectiveness Whether you're an engineer or consultant responsible for security and reporting to management-or an executive who needs better information for decision-making-Security Metrics is the resource you have been searching for. Andrew Jaquith, program manager for Yankee Group's Security Solutions and Services Decision Service, advises enterprise clients on prioritizing and managing security resources. He also helps security vendors develop product, service, and go-to-market strategies for reaching enterprise customers. He co-founded @stake, Inc., a security consulting pioneer acquired by Symantec Corporation in 2004. His application security and metrics research has been featured in CIO, CSO, InformationWeek, IEEE Security and Privacy, and The Economist. Foreword Preface Acknowledgments About the Author Chapter 1 Introduction: Escaping the Hamster Wheel of Pain Chapter 2 Defining Security Metrics Chapter 3 Diagnosing Problems and Measuring Technical Security Chapter 4 Measuring Program Effectiveness Chapter 5 Analysis Techniques Chapter 6 Visualization Chapter 7 Automating Metrics Calculations Chapter 8 Designing Security Scorecards Index

    And this book will teach you all you need to know to be immediately productive with MySQL. By working through 30 highly focused hands-on lessons, your MySQL Crash Course will be both easier and more effective than you'd have thought possible. Learn how to: Retrieve and sort data Filter data using comparisons, regular expressions, full text search, and much more Join relational data Create and alter tables Insert, update, and delete data Leverage the power of stored procedures and triggers Use views and Cursors Manage transactional processing Create user accounts and manage security via access control Ben Forta is Macromedia's Senior Technical Evangelist, and has almost 20 years of experience in the computer industry in product development, support, training, and product marketing. Ben is the author of the best-selling Sams Teach Yourself SQL in 10 Minutes (now in its third edition, and translated into over a dozen languages), ColdFusion Web Application Construction Kit, and Advanced ColdFusion Development (both published by Que Publishing), Sams Teach Yourself Regular Expressions in 10 Minutes, as well as books on SQL, Flash, JSP, HomeSite, WAP, Windows 2000, and other subjects.

    Discover the “hidden gold” in Python’s standard library and start writing clean and Pythonic code today. Who Should Read This Book: If you’re wondering which lesser known parts in Python you should know about, you’ll get a roadmap with this book. Discover cool (yet practical!) Python tricks and blow your coworkers’ minds in your next code review. If you’ve got experience with legacy versions of Python, the book will get you up to speed with modern patterns and features introduced in Python 3 and backported to Python 2. If you’ve worked with other programming languages and you want to get up to speed with Python, you’ll pick up the idioms and practical tips you need to become a confident and effective Pythonista. If you want to make Python your own and learn how to write clean and Pythonic code, you’ll discover best practices and little-known tricks to round out your knowledge. What Python Developers Say About The Book: "I kept thinking that I wished I had access to a book like this when I started learning Python many years ago." — Mariatta Wijaya, Python Core Developer"This book makes you write better Python code!" — Bob Belderbos, Software Developer at Oracle"Far from being just a shallow collection of snippets, this book will leave the attentive reader with a deeper understanding of the inner workings of Python as well as an appreciation for its beauty." — Ben Felder, Pythonista"It's like having a seasoned tutor explaining, well, tricks!" — Daniel Meyer, Sr. Desktop Administrator at Tesla Inc.

    Are You Ready To Learn Python Easily? Learning Python Programming in 7 days is possible, although it might not look like it

    This full-color guide will have you blazing through the web, staying entertained with the latest apps and games, watching your favorite TV shows and movies, and, of course, reading magazines, newspapers, and books to indulge all your interests. Whether this is your first tablet or you're upgrading from another device, you'll get to know your Kindle Fire HD and rekindle your love of reading with "Kindle Fire HD For Dummies"!Covers the Kindle Fire HD and original Kindle FireHelps you navigate the interface, customize your settings, get connected, and take advantage of Amazon CloudShows you how to work with the built-in apps and find new ones to to try out from the Amazon AppstoreExplains how to fill your Kindle Fire with cool stuff - from movies and music to videos, photos, apps, e-books, and moreWalks you through using Amazon's incredibly smooth Amazon Silk web browser to find anything you need online and keep in touch with e-mail, Skype, Facebook, and TwitterLight 'er up and unleash the fun with "Kindle Fire HD For Dummies"!

    As an AI researcher with 25 years of experience, professor Mike Wooldridge has learned to be obsessively cautious about such claims, while still promoting an intense optimism about the future of the field. There have been genuine scientific breakthroughs that have made AI systems possible in the past decade that the founders of the field would have hailed as miraculous. Driverless cars and automated translation tools are just two examples of AI technologies that have become a practical, everyday reality in the past few years, and which will have a huge impact on our world.While the dream of conscious machines remains, Professor Wooldridge believes, a distant prospect, the floodgates for AI have opened. Wooldridge's A Brief History of Artificial Intelligence is an exciting romp through the history of this groundbreaking field--a one-stop-shop for AI's past, present, and world-changing future.

    Martin helped bring Agile principles to tens of thousands of Java and C++ programmers. Now .NET programmers have a definitive guide to agile methods with this completely updated volume from Robert C. Martin and Micah Martin, Agile Principles, Patterns, and Practices in C#. This book presents a series of case studies illustrating the fundamentals of Agile development and Agile design, and moves quickly from UML models to real C# code. The introductory chapters lay out the basics of the agile movement, while the later chapters show proven techniques in action. The book includes many source code examples that are also available for download from the authors' Web site.Readers will come away from this book understandingAgile principles, and the fourteen practices of Extreme Programming Spiking, splitting, velocity, and planning iterations and releases Test-driven development, test-first design, and acceptance testing Refactoring with unit testing Pair programming Agile design and design smells The five types of UML diagrams and how to use them effectively Object-oriented package design and design patterns How to put all of it together for a real-world project Whether you are a C# programmer or a Visual Basic or Java programmer learning C#, a software development manager, or a business analyst, Agile Principles, Patterns, and Practices in C# is the first book you should read to understand agile software and how it applies to programming in the .NET Framework.

    The text is divided into four parts: circuits, electronics, digital systems, and electromagnetics. Although it delves in depth into each of these topics, the text represents more than your basic survey of the basics of electrical engineering. A solid understanding of the fundamental principles on which modern electrical engineering is based is also provided. This edition includes a chapter on circuit analysis software SPICE, with a detailed discussion of the PC version known as PSPICE (from MicroSim Corp.). Numerous drill exercises have been added to this new edition, reinforcing ideas presented in the examples. There are over 1,000 end-of-chapter problems. This text is suitable for a variety of electrical engineering courses. It can be used as a text for an introduction to electrical engineering for both majors and non-majors or both, or can be split and the various chapters utilized for an introduction to circuits course, a first electronics course, or for a course on digital electronics and logic design.

    Out of Control chronicles the dawn of a new era in which the machines and systems that drive our economy are so complex and autonomous as to be indistinguishable from living things.

    The book is a complete revision of the commands section of Sobell's Practical Guide to Linux - a proven best-seller. The book is Linux distribution and release agnostic. It will appeal to users of ALL Linux distributions. Superior examples make this book the the best option on the market! System administrators, software developers, quality assurance engineers and others working on a Linux system need to work from the command line in order to be effective. Linux is famous for its huge number of command line utility programs, and the programs themselves are famous for their large numbers of options, switches, and configuration files. But the truth is that users will only use a limited (but still significant) number of these utilities on a recurring basis, and then only with a subset of the most important and useful options, switches and configuration files. This book cuts through all the noise and shows them which utilities are most useful, and which options most important. And it contains examples, lot's and lot's of examples. programmability. Utilities are designed, by default, to work wtih other utilities within shell programs as a way of automating system tasks. This book contains a superb introduction to Linux shell programming. And since shell programmers need to write their programs in text editors, this book covers the two most popular ones: vi and emacs.

    What many users don't realize is that the deceptively simple components that make Google so easy to use are the same features that generously unlock security flaws for the malicious hacker. Vulnerabilities in website security can be discovered through Google hacking, techniques applied to the search engine by computer criminals, identity thieves, and even terrorists to uncover secure information. This book beats Google hackers to the punch, equipping web administrators with penetration testing applications to ensure their site is invulnerable to a hacker's search. Penetration Testing with Google Hacks explores the explosive growth of a technique known as "Google Hacking." When the modern security landscape includes such heady topics as "blind SQL injection" and "integer overflows," it's refreshing to see such a deceptively simple tool bent to achieve such amazing results; this is hacking in the purest sense of the word. Readers will learn how to torque Google to detect SQL injection points and login portals, execute port scans and CGI scans, fingerprint web servers, locate incredible information caches such as firewall and IDS logs, password databases, SQL dumps and much more - all without sending a single packet to the target Borrowing the techniques pioneered by malicious "Google hackers," this talk aims to show security practitioners how to properly protect clients from this often overlooked and dangerous form of informationleakage. *First book about Google targeting IT professionals and security leaks through web browsing. *Author Johnny Long, the authority on Google hacking, will be speaking about "Google Hacking" at the Black Hat 2004 Briefing. His presentation on penetrating security flaws with Google is expected to create a lot of buzz and exposure for the topic. *Johnny Long's Web site hosts the largest repository of Google security exposures and is the most popular destination for security professionals who want to learn about the dark side of Google.

    By “reverse engineering the fastest growing company in the history of the world,” author Jeff Jarvis, proprietor of Buzzmachine.com, one of the Web’s most widely respected media blogs, offers indispensible strategies for solving the toughest new problems facing businesses today. With a new afterword from the author, What Would Google Do? is the business book that every leader or potential leader in every industry must read.

    Not only will you learn about the enterprise class features in the 9.2 release, you’ll also discover that PostgeSQL is more than just a database system—it’s also an impressive application platform.With numerous examples throughout this book, you’ll learn how to achieve tasks that are difficult or impossible in other databases. If you’re an existing PostgreSQL user, you’ll pick up gems you may have missed along the way.Learn basic administration tasks, such as role management, database creation, backup, and restoreApply the psql command-line utility and the pgAdmin graphical administration toolExplore PostgreSQL tables, constraints, and indexesLearn powerful SQL constructs not generally found in other databasesUse several different languages to write database functionsTune your queries to run as fast as your hardware will allowQuery external and variegated data sources with Foreign Data WrappersLearn how to replicate data, using built-in replication features

    The algorithms you'll use most often as a programmer have already been discovered, tested, and proven. If you want to take a hard pass on Knuth's brilliant but impenetrable theories and the dense multi-page proofs you'll find in most textbooks, this is the book for you. This fully-illustrated and engaging guide makes it easy for you to learn how to use algorithms effectively in your own programs.Grokking Algorithms is a disarming take on a core computer science topic. In it, you'll learn how to apply common algorithms to the practical problems you face in day-to-day life as a programmer. You'll start with problems like sorting and searching. As you build up your skills in thinking algorithmically, you'll tackle more complex concerns such as data compression or artificial intelligence. Whether you're writing business software, video games, mobile apps, or system utilities, you'll learn algorithmic techniques for solving problems that you thought were out of your grasp. For example, you'll be able to:Write a spell checker using graph algorithmsUnderstand how data compression works using Huffman codingIdentify problems that take too long to solve with naive algorithms, and attack them with algorithms that give you an approximate answer insteadEach carefully-presented example includes helpful diagrams and fully-annotated code samples in Python. By the end of this book, you will know some of the most widely applicable algorithms as well as how and when to use them.