The expert advice and defense strategies from the world-renowned Hacking Exposed team shows IT security pros how to bolster their system’s security and defeat the tools and tactics of cyber-criminals. Case studies expose the hacker’s latest devious methods and illustrate field-tested remedies. Readers will learn how to block infrastructure hacks, minimize advanced persistent threats, neutralize malicious code, secure web and database applications, protect mobile devices, and fortify UNIX networks. The book contains all-new visual maps and a comprehensive countermeasures cookbook.

This edition features coverage of a few brand new areas of critical importance:

  • The growing attacks surrounding APTs, or Advanced Persistent Threats
  • Embedded hacking is exposed in a whole new section
  • An entire section is dedicated to database hacking
  • Mobile devices are covered in an entirely new chapter
  • A dedicated chapter on countermeasures takes an expansive role

“Our new reality is zero-day, APT, and state-sponsored attacks. Today, more than ever, security professionals need to get into the hacker’s mind, methods, and toolbox to successfully deter such relentless assaults. This edition brings readers abreast with the latest attack vectors and arms them for these continually evolving threats.” – Brett Wahlin, CSO, Sony Network Entertainment.

Stuart McClure, CISSP, CNE, CCSE, is widely recognized for his extensive and in-depth knowledge of security architectures, platforms, and products. He is one of the industry’s leading authorities in information security today. He is the CEO of Cylance Inc., a new stealth security startup company. A well-published and acclaimed security visionary, McClure authored many security books. He was founder, president, and CTO of Foundstone, ran the worldwide AVERT team at McAfee, and held leadership positions at Ernst & Young, InfoWorld, and a number of government agencies.

Joel Scambray, CISSP, is Managing Principal with Citigal as well as Co-Founder of Consciere LLC. He was previously chief strategy officer for Leviathan Security Group, an information security consultancy. He was a senior director at Microsoft Corporation, where he led Microsoft’s online services security efforts for three years before joining the Windows platform and services division to focus on security technology architecture. Before joining Microsoft, Joel co-founded security software and services startup Foundstone, Inc., and helped lead it to acquisition by McAfee. He has spoken widely on information security at forums including Black Hat, I-4, and The Asia Europe Meeting (ASEM).

George Kurtz, CISSP, is co-founder and CEO of CrowdStrike, a cutting-edge big data security technology company focused on helping enterprises and governments protect their most sensitive intellectual property and national security information. He is also an internationally recognized security expert, author, entrepreneur, and speaker with almost twenty years of experience in the security space. He has served as McAfee’s Worldwide Chief Technology Officer and was Chief Executive Officer and co-founder of Foundstone, Inc., which was acquired by McAfee in October 2004.

Chapter 6 is excerpted below.

Want to learn more?? The InfoSec Institute Ethical Hacking course goes in-depth into the techniques used by malicious, black hat hackers with attention getting lectures and hands-on lab exercises. While these hacking skills can be used for malicious purposes, this class teaches you how to use the same hacking techniques to perform a white-hat, ethical hack, on your organization. You leave with the ability to quantitatively assess and measure threats to information assets; and discover where your organization is most vulnerable to black hat hackers. Some features of this course include:

  • Dual Certification - CEH and CPT
  • 5 days of Intensive Hands-On Labs
  • Expert Instruction
  • CTF exercises in the evening
  • Most up-to-date proprietary courseware available