Information Security

Salesforce, the world's leading CRM platform, is trusted by thousands of businesses to manage their sales, marketing, and customer service operations. Recognizing the critical importance of security, Salesforce has built an extensive array of security features into its platform. These features span various aspects of security, including user authentication and authorization, data encryption and privacy, network security, and secure development practices. Salesforce also invests heavily in continuous security improvements, regularly releasing updates and enhancements to help organizations ...

"Conquer the CISSP Exam: Your Guide to Success as a Certified Information Systems Security Professional" is your comprehensive resource for mastering the Certified Information Systems Security Professional (CISSP) exam. This guide offers a deep dive into each of the eight CISSP domains, providing clear explanations and practical insights to ensure you understand and can apply key concepts. Covering topics such as Security and Risk Management, Asset Security, Security Engineering, Communications and Network Security, Identity and Access Management, Security Assessment and Testing, Security ...

Unlock the secrets to mastering the NIST 800 risk management process in record time with this powerful 2-in-1 bundle! Introducing Information Systems Security NIST 800 2-in-1, featuring both RMF ISSO Foundation Guide and RMF ISSO: NIST 800-53. This comprehensive series is your ultimate roadmap to success, designed to simplify the complexities of NIST 800-53 security controls and show you the actionable steps required throughout the RMF process.

Embark on a journey towards securing excellence in information security with "Securing Excellence: A Guide to ISO 27001:2022 Information Security Standards." This comprehensive guide serves as your roadmap to success, offering leaders a simplified approach to understanding and implementing ISO 27001 and Information Security Management System (ISMS) requirements. Comprehensive Coverage: Dive into the latest edition of ISO 27001:2022 and gain a comprehensive understanding of information security standards and requirements. From risk assessment to control implementation, this guide covers all ...

Edward Snowden, the man who risked everything to expose the US government’s system of mass surveillance, reveals for the first time the story of his life, including how he helped to build that system and what motivated him to try to bring it down.

One of the least understood countries in the world, North Korea has long been known for its repressive regime. Yet it is far from being an impenetrable black box. Media flows covertly into the country, and fault lines are appearing in the government's sealed informational borders. Drawing on deeply personal interviews with North Korean defectors from all walks of life, ranging from propaganda artists to diplomats, Jieun Baek tells the story of North Korea's information underground.

It’s easy to find descriptions of what threat intelligence is. But it’s harder to learn how to use it to truly make your organization safe from cybercriminals. How can threat intelligence strengthen all the teams in a cybersecurity organization? This audiobook answers this question. It reviews the kinds of threat intelligence that are useful to security teams and how each team can use that intelligence to solve problems and address challenges.

As information security professionals, risk evaluation and mitigation are the key parts of our job. Dealing with risk is the theme of our roles, be it as firewall engineers, auditors, penetration testers, management, etc. The key functions of the Security and Risk Management domain are risk analysis and mitigation as well as ensuring the best organizational structure for a robust information security system is in place. In this area of expertise, it’s the quality of the people that can make or break an organization. By “quality of the people”, we mean knowledgeable and experienced ...

Are you ready to revolutionize your organization’s approach to cybersecurity and learn GRC? In a world where threats evolve faster than ever, achieving robust Governance, Risk Management, and Compliance (GRC) is no longer optional—it’s essential. Yet, countless organizations struggle to bridge the gap between lofty compliance standards and practical implementation. Imagine having a proven roadmap that transforms the complexities of cybersecurity frameworks into a clear, actionable plan tailored to your organization’s unique needs while giving you a practical understanding of GRC. ...

We live in the age of disinformation - of organized deception. Spy agencies pour vast resources into hacking, leaking, and forging data, often with the goal of weakening the very foundation of liberal democracy: trust in facts. Thomas Rid, a renowned expert on technology and national security, was one of the first to sound the alarm, even before the 2016 election. But this is not new. The story of modern disinformation begins with the clash between communism and capitalism after the Russian Revolution.

In The DevSecOps Playbook: Deliver Continuous Security at Speed, the chief information and information security officer at Wiley, Sean D. Mack, delivers an insightful and practical discussion of how to keep your business secure. You'll learn how to leverage the classic triad of people, process, and technology to build strong cybersecurity infrastructure and practices. You'll also discover the shared responsibility model at the core of DevSecOps as you explore the principles and best practices that make up contemporary frameworks.

Are You Ready to Master the CompTIA Security+ and Elevate Your IT Security Career? In an era where digital threats loom large and cybersecurity skills are in high demand, simply understanding the basics isn’t enough. SysAdmins and IT professionals face a constant challenge: staying ahead of evolving cyber threats while effectively managing complex security protocols. Navigating the intricate landscape of IT security can be overwhelming. Are you equipped to protect sensitive data against sophisticated cyber-attacks? Can you confidently implement and manage robust security systems? Failing ...

The Pentester BluePrint: Starting a Career as an Ethical Hacker offers listeners a chance to delve deeply into the world of the ethical, or "white-hat" hacker. Accomplished pentester and author Phillip L. Wylie and cybersecurity researcher Kim Crawley walk you through the basic and advanced topics necessary to understand how to make a career out of finding vulnerabilities in systems, networks, and applications.

Hardening AWS" is a comprehensive guidebook that provides AWS customers with practical advice and best practices for securing their cloud infrastructure. The book covers various topics related to AWS security, including identity and access management, network security, instance security, data security, application security, incident response, disaster recovery, compliance, and governance.

In this updated edition, the authors show you how zero trust lets you focus on building strong authentication, authorization, and encryption throughout, while providing compartmentalized access and better operational agility. You'll learn the architecture of a zero trust network, including how to build one using currently available technology.

In the relentless cyber war, understanding that every individual and organization is a target is crucial. In this book, I offer a groundbreaking perspective on cybersecurity risk management, addressing a core issue: despite increased legislation and frameworks, massive breaches continue. Why? The problem often lies in ineffective or non-existent risk assessment and management, resulting in an ineffective cybersecurity program. Enter Heuristic Risk Management (HRM), a method I developed that is simple, intuitive, and highly effective. HRM cuts through the complexity of quantitative ...

Fundamentals, Networking, Threats, Attacks, Systems and many more - How to Prepare and Succeed. This book is a comprehensive guide to answering core cybersecurity questions that may arise during job interviews for a cybersecurity engineer or consultant position. It covers essential concepts and terminology expected to be known and understood by candidates, helping them become more confident in describing and demonstrating their knowledge during interviews. With this book, readers can verify their knowledge before their interview, identify areas they need to strengthen, and gain a solid ...

ISO 27001:2022 Explained – A Comprehensive Clause-by-Clause Guide Achieving ISO 27001:2022 compliance is essential for protecting your organization’s sensitive information and ensuring data security. This comprehensive guide takes you through the entire ISO 27001 framework with step-by-step instructions, real-world examples, and practical tools to help you build and maintain a robust Information Security Management System (ISMS).What’s Inside: Clause-by-Clause Breakdown: Each chapter offers a clear explanation of every ISO 27001 clause and how to implement it effectively. From Context...

This book is the second book in the "A Hacker, I Am" series, it is not your normal cybersecurity book, it's not meant to be read from front to back chapter by chapter, you open it up and pick which chapter piques your interest the most and read that one first. Then choose your next one and read that and continue the process until you have finally read all of them. By all means though if you want to stick to the old fashioned method of reading a book, knock yourself out and read it from the front to the back, hey you bought the book you should be able to read it however you want too. The ...

Dive into the world of ethical hacking and cybersecurity with Shimon Brathwaite's enlightening guide, "How to Make a Living Hacking Computers." This book demystifies the path to becoming a professional hacker - not one who breaks into systems with malicious intent, but a skilled expert who is hired to find vulnerabilities and strengthen the security of digital infrastructures. Brathwaite, with his extensive experience in the field, offers a comprehensive look into the various aspects of ethical hacking. Whether you're a complete novice curious about the field or a tech enthusiast looking to...