Anton Chuvakin

Smart machines and AI pose huge future risks that derive from malicious humans using or abusing them to achieve their goals. Here, we focus on identifying and reducing those risks. (Maverick research deliberately exposes unconventional thinking and may not agree with Gartner's official positions.)

Content-aware data loss prevention is increasingly accepted as a standard part of security architecture, even as the market rebalances between enterprise, channel and DLP-lite solutions. This research provides a foundational analysis of the value and composition of E-DLP.

Distributed denial of service attacks have risen in complexity, bandwidth and number of occurrences targeting enterprises. Organizations must architect their defenses with both cloud and on-premises defenses along with integrating DDoS responses into the current incident response process.

This Blueprint defines a DDoS defense architecture for enterprises with a mission-critical website or e-commerce site and that have multiple ISPs connected into their data centers and corporate centers, and that use public IaaS.

Identity theft and other confidential information theft have now topped the charts as the leading cybercrime. In particular, credit card data is preferred by cybercriminals. Is your payment processing secure and compliant? The new Fourth Edition of PCI Compliance has been revised to follow the new PCI DSS standard version 3.0, which is the official version beginning in January 2014. Also new to the Fourth Edition: additional case studies and clear guidelines and instructions for maintaining PCI… Show more

Identity theft and other confidential information theft have now topped the charts as the leading cybercrime. In particular, credit card data is preferred by cybercriminals. Is your payment processing secure and compliant? The new Fourth Edition of PCI Compliance has been revised to follow the new PCI DSS standard version 3.0, which is the official version beginning in January 2014. Also new to the Fourth Edition: additional case studies and clear guidelines and instructions for maintaining PCI compliance globally, including coverage of technologies such as NFC, P2PE, CNP/Mobile, and EMV. This is the first book to address the recent updates to PCI DSS. The real-world scenarios and hands-on guidance are also new approaches to this topic. All-new case studies and fraud studies have been added to the Fourth Edition.

Each chapter has how-to guidance to walk you through implementing concepts, and real-world scenarios to help you relate to the information and better grasp how it impacts your data. This book provides the information that you need in order to understand the current PCI Data Security standards and how to effectively implement security on network infrastructure in order to be compliant with the credit card industry guidelines, and help you protect sensitive and personally-identifiable information.

* Completely updated to follow the most current PCI DSS standard, version 3.0
* Packed with help to develop and implement an effective strategy to keep infrastructure compliant and secure
* Includes coverage of new and emerging technologies such as NFC, P2PE, CNP/Mobile, and EMV
* Both authors have broad information security backgrounds, including extensive PCI DSS experience Show less

Identity theft and other confidential information theft have now topped the charts as the leading cybercrime. In particular, credit card data is preferred by cybercriminals. Is your payment processing secure and compliant? The new Fourth Edition of PCI Compliance has been revised to follow the new PCI DSS standard version 3.0, which is the official version beginning in January 2014. Also new to the Fourth Edition: additional case studies and clear guidelines and instructions for maintaining PCI… Show more

Identity theft and other confidential information theft have now topped the charts as the leading cybercrime. In particular, credit card data is preferred by cybercriminals. Is your payment processing secure and compliant? The new Fourth Edition of PCI Compliance has been revised to follow the new PCI DSS standard version 3.0, which is the official version beginning in January 2014. Also new to the Fourth Edition: additional case studies and clear guidelines and instructions for maintaining PCI compliance globally, including coverage of technologies such as NFC, P2PE, CNP/Mobile, and EMV. This is the first book to address the recent updates to PCI DSS. The real-world scenarios and hands-on guidance are also new approaches to this topic. All-new case studies and fraud studies have been added to the Fourth Edition.

Each chapter has how-to guidance to walk you through implementing concepts, and real-world scenarios to help you relate to the information and better grasp how it impacts your data. This book provides the information that you need in order to understand the current PCI Data Security standards and how to effectively implement security on network infrastructure in order to be compliant with the credit card industry guidelines, and help you protect sensitive and personally-identifiable information.

* Completely updated to follow the most current PCI DSS standard, version 3.0
* Packed with help to develop and implement an effective strategy to keep infrastructure compliant and secure
* Includes coverage of new and emerging technologies such as NFC, P2PE, CNP/Mobile, and EMV
* Both authors have broad information security backgrounds, including extensive PCI DSS experience Show less

Effectively analyzing large volumes of diverse logs can pose many challenges. Logging and Log Management helps to simplify this complex process using practical guidance and real-world examples. Packed with information you need to know for system, network and security logging. Log management and log analysis methods are covered in detail, including approaches to creating useful logs on systems and applications, log searching and log review.

Comprehensive coverage of log management… Show more

Effectively analyzing large volumes of diverse logs can pose many challenges. Logging and Log Management helps to simplify this complex process using practical guidance and real-world examples. Packed with information you need to know for system, network and security logging. Log management and log analysis methods are covered in detail, including approaches to creating useful logs on systems and applications, log searching and log review.

Comprehensive coverage of log management including analysis, visualization, reporting and more
Includes information on different uses for logs -- from system operations to regulatory compliance
Features case Studies on syslog-ng and actual real-world situations where logs came in handy in incident response
Provides practical guidance in the areas of report, log analysis system selection, planning a log analysis system and log data normalization and correlation Show less

The credit card industry established the PCI Data Security Standards to provide a minimum standard for how vendors should protect data to ensure it is not stolen by fraudsters. PCI Compliance, 3e, provides the information readers need to understand the current PCI Data Security standards, which have recently been updated to version 2.0, and how to effectively implement security within your company to be compliant with the credit card industry guidelines and protect sensitive and personally… Show more

The credit card industry established the PCI Data Security Standards to provide a minimum standard for how vendors should protect data to ensure it is not stolen by fraudsters. PCI Compliance, 3e, provides the information readers need to understand the current PCI Data Security standards, which have recently been updated to version 2.0, and how to effectively implement security within your company to be compliant with the credit card industry guidelines and protect sensitive and personally identifiable information. Security breaches continue to occur on a regular basis, affecting millions of customers and costing companies millions of dollars in fines and reparations. That doesn't include the effects such security breaches have on the reputation of the companies that suffer attacks. PCI Compliance, 3e, helps readers avoid costly breaches and inefficient compliance initiatives to keep their infrastructure secure.

*Provides a clear explanation of PCI.

*Provides practical case studies, fraud studies, and analysis of PCI.

*The first book to address version 2.0 updates to the PCI DSS, security strategy to keep your infrastructure PCI compliant. Show less

The Cloud Security Rules explains the different aspects of cloud security to business leaders, CxO's, IT-managers and decision makers. The security principles are the same as before while the implementation and the risks involved are dramatically changed. The book is co-authored by some of the most recognized security specialists and bloggers in the world. The authors are gathered from USA, Europe and Africa, sharing their great knowledge of implementing and securing the cloud. This book is… Show more

The Cloud Security Rules explains the different aspects of cloud security to business leaders, CxO's, IT-managers and decision makers. The security principles are the same as before while the implementation and the risks involved are dramatically changed. The book is co-authored by some of the most recognized security specialists and bloggers in the world. The authors are gathered from USA, Europe and Africa, sharing their great knowledge of implementing and securing the cloud. This book is made to help it easier for you to choose the right cloud supplier as well as setting up and running your critical services in the cloud. Questions you will find answers about include: - Do I have to accept that standard SLA? - What should an SLA include? - What standards should I be paying attention to, if any? - How do I treat mobile workers, and how do they fit into the cloud? - Do I really need to care about logging? - Many more! Since the cloud computing is global, you risk using service providers in other countries than your own - even if you only operate in your own country. The Cloud Security Rules aims at helping you understand the risks involved, and help you determine the best strategy for your organization.
Show less

See http://www.pcicompliancebook.info for additional details

See http://www.chuvakin.org/sw