Accelerate security detection development with AI-enabled technical solutions using threat-informed defense Key Features Create automated CI/CD pipelines for testing and implementing threat detection use cases Apply implementation strategies to optimize the adoption of automated work streams Use a variety of enterprise-grade tools and APIs to bolster your detection program Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionToday's global enterprise security programs grapple with constantly evolving threats. Even though the industry has released abundant security tools, most of which are equipped with APIs for integrations, they lack a rapid detection development work stream. This book arms you with the skills you need to automate the development, testing, and monitoring of detection-based use cases. You’ll start with the technical architecture, exploring where automation is conducive throughout the detection use case lifecycle. With the help of hands-on labs, you’ll learn how to utilize threat-informed defense artifacts and then progress to creating advanced AI-powered CI/CD pipelines to bolster your Detection as Code practices. Along the way, you'll develop custom code for EDRs, WAFs, SIEMs, CSPMs, RASPs, and NIDS. The book will also guide you in developing KPIs for program monitoring and cover collaboration mechanisms to operate the team with DevSecOps principles. Finally, you'll be able to customize a Detection as Code program that fits your organization's needs. By the end of the book, you'll have gained the expertise to automate nearly the entire use case development lifecycle for any enterprise.What you will learn Understand the architecture of Detection as Code implementations Develop custom test functions using Python and Terraform Leverage common tools like GitHub and Python 3.x to create detection-focused CI/CD pipelines Integrate cutting-edge technology and operational patterns to further refine program efficacy Apply monitoring techniques to continuously assess use case health Create, structure, and commit detections to a code repository Who this book is for This book is for security engineers and analysts responsible for the day-to-day tasks of developing and implementing new detections at scale. If you’re working with existing programs focused on threat detection, you’ll also find this book helpful. Prior knowledge of DevSecOps, hands-on experience with any programming or scripting languages, and familiarity with common security practices and tools are recommended for an optimal learning experience.

Learn how to use modern monitoring tools for building network observability solutions that enhance operations and promote an effective automation strategy, with step-by-step guidance and practical examples Key Features Craft a dynamic observability stack with real-world, practical applications Build intuitive dashboards and alerts by collecting and normalizing diverse network data Leverage observability data to strengthen automation strategies for network operations Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionAs modern IT services and software architectures such as microservices rely increasingly on network performance, the relevance of networks has never been greater. Network observability has emerged as a critical evolution of traditional monitoring, providing the deep visibility needed to manage today’s complex, dynamic environments. In Modern Network Observability, authors David Flores, Christian Adell, and Josh VanDeraa share their extensive experience to guide you through building and deploying a flexible observability stack using open-source tools. This book begins by addressing the limitations of monolithic monitoring solutions, showing you how to transform them into a composable, flexible observability stack. Through practical implementations, you’ll learn how to collect, normalize, and analyze network data from diverse sources, build intuitive dashboards, and set up actionable alerts that help you stay ahead of potential issues. Later, you’ll cover advanced topics, such as integrating observability data into your network automation strategy, ensuring your network operations align with business objectives. By the end of this book, you'll be able to proactively manage your network, minimize downtime, and ensure resilient, efficient, and future-proof operations.What you will learn Collect and normalize data from various sources using Telegraf and Logstash Enrich operational data with crucial context from a Source of Truth such as Nautobot Visualize data and create insightful dashboards with Grafana Automate alerts and responses for your network operations strategy using Prefect Understand when to build or buy an observability stack, with tips and best practices Explore practical machine learning techniques to enhance observability data value Who this book is for This book is for all network engineering roles such as network analysts, administrators, architects, security personnel, support staff, and managers working in both on-premises and cloud environments who are tasked with implementing or using network monitoring solutions. Basic programming knowledge in Python and Go, familiarity with networking concepts, and a fundamental understanding of Docker containers for lab scenarios will be required.

Go on a journey through the threat detection engineering lifecycle while enriching your skill set and protecting your organization Key Features Gain a comprehensive understanding of threat validation Leverage open-source tools to test security detections Harness open-source content to supplement detection and testing Book DescriptionThreat validation is an indispensable component of every security detection program, ensuring a healthy detection pipeline. This comprehensive detection engineering guide will serve as an introduction for those who are new to detection validation, providing valuable guidelines to swiftly bring you up to speed. The book will show you how to apply the supplied frameworks to assess, test, and validate your detection program. It covers the entire life cycle of a detection, from creation to validation, with the help of real-world examples. Featuring hands-on tutorials and projects, this guide will enable you to confidently validate the detections in your security program. This book serves as your guide to building a career in detection engineering, highlighting the essential skills and knowledge vital for detection engineers in today's landscape. By the end of this book, you’ll have developed the skills necessary to test your security detection program and strengthen your organization’s security measures.What you will learn Understand the detection engineering process Build a detection engineering test lab Learn how to maintain detections as code Understand how threat intelligence can be used to drive detection development Prove the effectiveness of detection capabilities to business leadership Learn how to limit attackers' ability to inflict damage by detecting any malicious activity early Who this book is for This book is for security analysts and engineers seeking to improve their organization’s security posture by mastering the detection engineering lifecycle. To get started with this book, you’ll need a basic understanding of cybersecurity concepts, along with some experience with detection and alert capabilities.

Software engineering requires specialized knowledge of a broad spectrum of topics, including the construction of software and the platforms, applications, and environments in which the software operates as well as an understanding of the people who build and use the software. Offering an authoritative perspective, the two volumes of the Encyclopedia of Software Engineering cover the entire multidisciplinary scope of this important field. More than 200 expert contributors and reviewers from industry and academia across 21 countries provide easy-to-read entries that cover software requirements, design, construction, testing, maintenance, configuration management, quality control, and software engineering management tools and methods. Editor Phillip A. Laplante uses the most universally recognized definition of the areas of relevance to software engineering, the Software Engineering Body of Knowledge (SWEBOK®), as a template for organizing the material. Also available in an electronic format, this encyclopedia supplies software engineering students, IT professionals, researchers, managers, and scholars with unrivaled coverage of the topics that encompass this ever-changing field. Also Available Online This Taylor & Francis encyclopedia is also available through online subscription, offering a variety of extra benefits for researchers, students, and librarians, including: Citation tracking and alerts Active reference linking Saved searches and marked lists HTML and PDF format options Contact Taylor and Francis for more information or to inquire about subscription options and print/online combination packages. US: (Tel) 1.888.318.2367; (E-mail) e-reference@taylorandfrancis.com International: (Tel) +44 (0) 20 7017 6062; (E-mail) online.sales@tandf.co.uk

Today, software engineers need to know not only how to program effectively but also how to develop proper engineering practices to make their codebase sustainable and healthy. This book emphasizes this difference between programming and software engineering. How can software engineers manage a living codebase that evolves and responds to changing requirements and demands over the length of its life? Based on their experience at Google, software engineers Titus Winters and Hyrum Wright, along with technical writer Tom Manshreck, present a candid and insightful look at how some of the world’s leading practitioners construct and maintain software. This book covers Google’s unique engineering culture, processes, and tools and how these aspects contribute to the effectiveness of an engineering organization. You’ll explore three fundamental principles that software organizations should keep in mind when designing, architecting, writing, and maintaining code: How time affects the sustainability of software and how to make your code resilient over time How scale affects the viability of software practices within an engineering organization What trade-offs a typical engineer needs to make when evaluating design and development decisions

Your one stop guide to automating infrastructure security using DevOps and DevSecOps Key FeaturesSecure and automate techniques to protect web, mobile or cloud servicesAutomate secure code inspection in C++, Java, Python, and JavaScriptIntegrate security testing with automation frameworks like fuzz, BDD, Selenium and Robot FrameworkBook Description Security automation is the automatic handling of software security assessments tasks. This book helps you to build your security automation framework to scan for vulnerabilities without human intervention. This book will teach you to adopt security automation techniques to continuously improve your entire software development and security testing. You will learn to use open source tools and techniques to integrate security testing tools directly into your CI/CD framework. With this book, you will see how to implement security inspection at every layer, such as secure code inspection, fuzz testing, Rest API, privacy, infrastructure security, and web UI testing. With the help of practical examples, this book will teach you to implement the combination of automation and Security in DevOps. You will learn about the integration of security testing results for an overall security status for projects. By the end of this book, you will be confident implementing automation security in all layers of your software development stages and will be able to build your own in-house security automation platform throughout your mobile and cloud releases. What you will learnAutomate secure code inspection with open source tools and effective secure code scanning suggestionsApply security testing tools and automation frameworks to identify security vulnerabilities in web, mobile and cloud servicesIntegrate security testing tools such as OWASP ZAP, NMAP, SSLyze, SQLMap, and OpenSCAPImplement automation testing techniques with Selenium, JMeter, Robot Framework, Gauntlt, BDD, DDT, and Python unittestExecute security testing of a Rest API Implement web application security with open source tools and script templates for CI/CD integrationIntegrate various types of security testing tool results from a single project into one dashboardWho this book is for The book is for software developers, architects, testers and QA engineers who are looking to leverage automated security testing techniques.

Welcome to the forefront of knowledge with Cybellium, your trusted partner in mastering the cutting-edge fields of IT, Artificial Intelligence, Cyber Security, Business, Economics and Science. Designed for professionals, students, and enthusiasts alike, our comprehensive books empower you to stay ahead in a rapidly evolving digital world. * Expert Insights: Our books provide deep, actionable insights that bridge the gap between theory and practical application. * Up-to-Date Content: Stay current with the latest advancements, trends, and best practices in IT, Al, Cybersecurity, Business, Economics and Science. Each guide is regularly updated to reflect the newest developments and challenges. * Comprehensive Coverage: Whether you're a beginner or an advanced learner, Cybellium books cover a wide range of topics, from foundational principles to specialized knowledge, tailored to your level of expertise. Become part of a global network of learners and professionals who trust Cybellium to guide their educational journey. www.cybellium.com

Master the art of designing, developing, and operating secure infrastructures on Google Cloud Key Features Prepare for the certification exam with clear explanations, real-world examples, and self-assessment questions Review Google Cloud security best practices for building a secure and compliant cloud environment Explore advanced concepts like Security Command Center, BeyondCorp Zero Trust, and container security Book DescriptionGoogle Cloud security offers powerful controls to assist organizations in establishing secure and compliant cloud environments. With this book, you’ll gain in-depth knowledge of the Professional Cloud Security Engineer certification exam objectives, including Google Cloud security best practices, identity and access management (IAM), network security, data security, and security operations. The chapters go beyond the exam essentials, helping you explore advanced topics such as Google Cloud Security Command Center, the BeyondCorp Zero Trust architecture, and container security. With step-by-step explanations, practical examples, and practice exams to help you improve your skills for the exam, you'll be able to efficiently review and apply key concepts of the shared security responsibility model. Finally, you’ll get to grips with securing access, organizing cloud resources, network and data security, and logging and monitoring. By the end of this book, you'll be proficient in designing, developing, and operating security controls on Google Cloud and gain insights into emerging concepts for future exams.What you will learn Understand how Google secures infrastructure with shared responsibility Use resource hierarchy for access segregation and implementing policies Utilize Google Cloud Identity for authentication and authorizations Build secure networks with advanced network features Encrypt/decrypt data using Cloud KMS and secure sensitive data Gain visibility and extend security with Google's logging and monitoring capabilities Who this book is forThis book is for IT professionals, cybersecurity specialists, system administrators, and tech enthusiasts aspiring to strengthen their understanding of Google Cloud security and elevate their career trajectory. Earning this certification not only validates your expertise but also makes you part of an elite group of GCP security engineers, opening doors to opportunities that can significantly advance your career. Prior knowledge of the foundational concepts of Google Cloud or GCP Associate Engineer Certification is strongly recommended.

Designed for professionals, students, and enthusiasts alike, our comprehensive books empower you to stay ahead in a rapidly evolving digital world. * Expert Insights: Our books provide deep, actionable insights that bridge the gap between theory and practical application. * Up-to-Date Content: Stay current with the latest advancements, trends, and best practices in IT, Al, Cybersecurity, Business, Economics and Science. Each guide is regularly updated to reflect the newest developments and challenges. * Comprehensive Coverage: Whether you're a beginner or an advanced learner, Cybellium books cover a wide range of topics, from foundational principles to specialized knowledge, tailored to your level of expertise. Become part of a global network of learners and professionals who trust Cybellium to guide their educational journey. www.cybellium.com