Identity Theft. Corporate Espionage. National secrets compromised. Can anyone promise security in our digital world?The man who introduced cryptography to the boardroom says no. But in this fascinating read, he shows us how to come closer by developing security measures in terms of context, tools, and strategy. Security is a process, not a product – one that system administrators and corporate executives alike must understand to survive.This edition updated with new information about post-9/11 security.

    This book reducesthe investigative workload of computer security incident response teams(CSIRT) by posturing organizations for incident response success.Firewalls can fail. Intrusion-detection systems can be bypassed. Networkmonitors can be overloaded. These are the alarming but true facts aboutnetwork security. In fact, too often, security administrators' tools can serve asgateways into the very networks they are defending.Now, a novel approach to network monitoring seeks to overcome theselimitations by providing dynamic information about the vulnerability of allparts of a network. Called network security monitoring (NSM), it draws on acombination of auditing, vulnerability assessment, intrusion detection andprevention, and incident response for the most comprehensive approach tonetwork security yet. By focusing on case studies and the application of opensourcetools, the author helps readers gain hands-on knowledge of how tobetter defend networks and how to mitigate damage from security incidents.

    :-)

    So, why does conventional wisdom insist that software engineers focus primarily on the design and development of large-scale computing systems?In this collection of essays and articles, key members of Google's Site Reliability Team explain how and why their commitment to the entire lifecycle has enabled the company to successfully build, deploy, monitor, and maintain some of the largest software systems in the world. You'll learn the principles and practices that enable Google engineers to make systems more scalable, reliable, and efficient--lessons directly applicable to your organization.This book is divided into four sections: Introduction--Learn what site reliability engineering is and why it differs from conventional IT industry practicesPrinciples--Examine the patterns, behaviors, and areas of concern that influence the work of a site reliability engineer (SRE)Practices--Understand the theory and practice of an SRE's day-to-day work: building and operating large distributed computing systemsManagement--Explore Google's best practices for training, communication, and meetings that your organization can use

    Moms in particular will welcome this trend.  A full 60% wish they had a flexible work option. But companies see advantages too in the way remote work increases their talent pool, reduces turnover, lessens their real estate footprint, and improves the ability to conduct business across multiple time zones, to name just a few advantages.  In Remote, inconoclastic authors Fried and Hansson will convince readers that letting all or part of work teams function remotely is a great idea--and they're going to show precisely how a remote work setup can be accomplished.

    It is designed to ensure a flexible, coordinated and integrated system for the effective governance and management of IT-enabled services."ITIL Foundation" is the first ITIL 4 publication and the latest evolution of the most widely-adopted guidance for ITSM. Its audience ranges from IT and business students taking their first steps in service management to seasoned professionals familiar with earlier versions of ITIL and other sources of industry best practice.The guidance provided in this publication can be adopted and adapted for all types of organizations and services. To show how the concepts of ITIL can be practically applied to an organization's activities, ITIL Foundation follows the exploits of a fictional company on its ITIL journey.

    He describes a broad range of agile product management practices, including making agile product discovery work, taking advantage of emergent requirements, creating the minimal marketable product, leveraging early customer feedback, and working closely with the development team. Benefitting from Pichler's extensive experience, you'll learn how Scrum product ownership differs from traditional product management and how to avoid and overcome the common challenges that Scrum product owners face. Coverage includesUnderstanding the product owner's role: what product owners do, how they do it, and the surprising implicationsEnvisioning the product: creating a compelling product vision to galvanize and guide the team and stakeholdersGrooming the product backlog: managing the product backlog effectively even for the most complex productsPlanning the release: bringing clarity to scheduling, budgeting, and functionality decisionsCollaborating in sprint meetings: understanding the product owner's role in sprint meetings, including the dos and don'tsTransitioning into product ownership: succeeding as a product owner and establishing the role in the enterprise This book is an indispensable resource for anyone who works as a product owner, or expects to do so, as well as executives and coaches interested in establishing agile product management.

    And through CODE, we see how this ingenuity and our very human compulsion to communicate have driven the technological innovations of the past two centuries. Using everyday objects and familiar language systems such as Braille and Morse code, author Charles Petzold weaves an illuminating narrative for anyone who’s ever wondered about the secret inner life of computers and other smart machines. It’s a cleverly illustrated and eminently comprehensible story—and along the way, you’ll discover you’ve gained a real context for understanding today’s world of PCs, digital media, and the Internet. No matter what your level of technical savvy, CODE will charm you—and perhaps even awaken the technophile within.

    Aiming to tell the dark secrets of computer arithmetic, this title is suitable for library developers, compiler writers, and lovers of elegant hacks.

    Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography!Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies.Systems security managers, you'll find tools and a framework for structured thinking about what can go wrong. Software developers, you'll appreciate the jargon-free and accessible introduction to this essential skill. Security professionals, you'll learn to discern changing threats and discover the easiest ways to adopt a structured approach to threat modeling.Provides a unique how-to for security and software developers who need to design secure products and systems and test their designs Explains how to threat model and explores various threat modeling approaches, such as asset-centric, attacker-centric and software-centric Provides effective approaches and techniques that have been proven at Microsoft and elsewhere Offers actionable how-to advice not tied to any specific software, operating system, or programming language Authored by a Microsoft professional who is one of the most prominent threat modeling experts in the world As more software is delivered on the Internet or operates on Internet-connected devices, the design of secure software is absolutely critical. Make sure you're ready with Threat Modeling: Designing for Security.

    This third edition has been updated toreflect current best practices andthe abundance of changes introduced by the latest version of thelanguage, Python 2.5.Whether you're a novice or an advancedpractitioner, you'll find thisrefreshed book more than lives up to its reputation. "ProgrammingPython," 3rd Edition, teaches you the rightway to code. It explains Python language syntax and programmingtechniques in a clear and concisemanner, with numerous examples that illustrate both correct usage andcommon idioms. By reading thiscomprehensive guide, you'll learn how to apply Python in real-worldproblem domains such as: GUI programmingInternet scriptingParallel processingDatabase managementNetworked applications"Programming Python," Third Edition coverseach of thesetarget domainsgradually, beginning with in-depth discussions of core concepts andthen progressing toward completeprograms. Large examples do appear, but only after you've learnedenough to understand their techniques andcode.Along the way, you'll also learn how to use the Python language inrealistically scaled programs--concepts such as Object-Oriented Programming (OOP) and code reuseare recurring side themes throughout thistext. If you're interested in Python programming, then this O'Reillyclassic needs to be within arm's reach. Thewealth of practical advice, snippets of code, and patterns of programdesign can all be put into use on adaily basis--making your life easier and more productive.Reviews of the second edition:.".".about as comprehensive as any book can be.""--Dr. Dobb's Journal""If the language had manuals, they would undoubtedlybe the texts from O'Reilly...'Learning Python' and 'Programming Python'are definitive treatments.""--SD Times

    By using objects early to solve interesting problems and defining objects later in the course, Building Java Programs develops programming knowledge for a broad audience. Introduction to Java Programming, Primitive Data and Definite Loops, Introduction to Parameters and Objects, Conditional Execution, Program Logic and Indefinite Loops, File Processing, Arrays, Defining Classes, Inheritance and Interfaces, ArrayLists, Java Collections Framework, Recursion, Searching and Sorting, Graphical User Interfaces. For all readers interested in introductory programming.

    Recognized and respected throughout the world as the most influential leaders in the data warehousing industry, Ralph Kimball and the Kimball Group have written articles covering more than 250 topics that define the field of data warehousing. For the first time, the Kimball Group's incomparable advice, design tips, and best practices have been gathered in this remarkable collection of articles, which spans a decade of data warehousing innovation.Each group of articles is introduced with original commentaries that explain their role in the overall lifecycle methodology developed by the Kimball Group. These practical, hands-on articles are fully updated to reflect current practices and terminology and cover the complete lifecycle--including project planning, requirements gathering, dimensional modeling, ETL, and business intelligence and analytics.This easily referenced collection is nothing less than vital if you are involved with data warehousing or business intelligence in any capacity.

    It presents a learning journey, not definitive guidance. It describes the experiences of a development team with no prior CQRS proficiency in building, deploying (to Windows Azure), and maintaining a sample real-world, complex, enterprise system to showcase various CQRS and ES concepts, challenges, and techniques.The development team did not work in isolation; we actively sought input from industry experts and from a wide group of advisors to ensure that the guidance is both detailed and practical.The CQRS pattern and event sourcing are not mere simplistic solutions to the problems associated with large-scale, distributed systems. By providing you with both a working application and written guidance, we expect you’ll be well prepared to embark on your own CQRS journey.

    The Web is awash in Ruby code that is now virtually impossible to change or extend. This text helps you solve that problem by using powerful real-world object-oriented design techniques, which it thoroughly explains using simple and practical Ruby examples. Sandi Metz has distilled a lifetime of conversations and presentations about object-oriented design into a set of Ruby-focused practices for crafting manageable, extensible, and pleasing code. She shows you how to build new applications that can survive success and repair existing applications that have become impossible to change. Each technique is illustrated with extended examples, all downloadable from the companion Web site, poodr.info. The first title to focus squarely on object-oriented Ruby application design, Practical Object-Oriented Design in Ruby will guide you to superior outcomes, whatever your previous Ruby experience. Novice Ruby programmers will find specific rules to live by; intermediate Ruby programmers will find valuable principles they can flexibly interpret and apply; and advanced Ruby programmers will find a common language they can use to lead development and guide their colleagues. This guide will help you Understand how object-oriented programming can help you craft Ruby code that is easier to maintain and upgrade Decide what belongs in a single Ruby class Avoid entangling objects that should be kept separate Define flexible interfaces among objects Reduce programming overhead costs with duck typing Successfully apply inheritance Build objects via composition Design cost-effective tests Solve common problems associated with poorly designed Ruby code