
Defensive Security Handbook: Best Practices for Securing Infrastructure

Despite the increase of high-profile hacks, record-breaking data leaks, and ransomware attacks, many organizations don't have the budget for an information security (InfoSec) program. If you're forced to protect yourself by improvising on the job, this pragmatic guide provides a security-101 handbook with steps, tools, processes, and ideas to help you drive maximum-security improvement at little or no cost.



Each chapter in this book provides step-by-step instructions for dealing with issues such as breaches and disasters, compliance, network infrastructure, password management, vulnerability scanning, penetration testing, and more. Network engineers, system administrators, and security professionals will learn how to use frameworks, tools, and techniques to build and improve their cybersecurity programs.



This book will help you:

* Plan and design incident response, disaster recovery, compliance, and physical security
* Learn and apply basic penetration-testing concepts through purple teaming
* Conduct vulnerability management using automated processes and tools
* Use IDS, IPS, SOC, logging, and monitoring
* Bolster Microsoft and Unix systems, network infrastructure, and password management
* Use segmentation practices and designs to compartmentalize your network
* Reduce exploitable errors by developing code securely

598 pages, Kindle Edition

Published June 26, 2024


About the author

Lee Brotherston

3 books, 1 follower

Community Reviews

5 stars: 44 (32%)
4 stars: 55 (40%)
3 stars: 27 (19%)
2 stars: 3 (2%)
1 star: 7 (5%)

23 reviews
John
485 reviews, 412 followers
August 7, 2019
This is a not bad overview of the variety of things you should do to secure your technology infrastructure. If you've been down in the weeds trying to pass the CISSP for example, this comes up for air and is pretty high level. Of course that is the disadvantage as well: Examples don't go very deep, and the breakdown of concepts can be a little too generic.

But in 2019 (the book was apparently written in 2016 and published in 2017) the book is dated, and was dated in 2017:

* Very little mention of cloud vendors like AWS;
* Very little mention of true Internet-scale solutions. So we get, for instance, Snort but not AWS services or ThreatStack which provide similar functionality at high volumes;
* Very behind on the software-development life cycle, even for 2017: For instance, no mention of contemporary continuous integration, and nothing about how this can now be a cloud-based service.

The author would probably say: Well this is about securing your infrastructure; but that train has left the building; everyone is at least hybrid (infrastructure split between on-prem and some kind of cloud, be it private or public).

The book also does things that are just irritating. It classes Ruby with Python and Perl because it's an interpreted language with flexible typing systems (p. 181). True enough. But Rubyists know that, and that is why they have some of the most deeply ingrained habits of testing. Automated testing is said to be "more complex and time-consuming to set up compared to static testing" (p. 184; I guess, but the book also acknowledges that static testing doesn't really work) but then doesn't mention things like JUnit, RSpec, etc. So the high level means you can't get a taste of the mainstream tools that make automated testing easier.

Finally, the chapter on Purple Teaming (ch. 18) is kind of phoned-in with largish screen shots that don't provide a lot of information. There's even a bit that says you can download Rawr by typing "git pull link-to-git-repo" -- what? Was there value? It was nice to read some distinctions across various terminologies and there's some nice advice here and there but . . . there sure is an opportunity for something similar that somehow digs into more interesting examples.
Martijn
82 reviews, 7 followers
August 12, 2020
Good book to read through and see all the relevant information in a single place. Someone beginning in defensive security may find it useful too, but will probably look up other sources for the important topics: I found some of the details a bit random.
23 reviews
December 22, 2018
This book only covers the high-level stuff a blue-team or security engineer should know, but it's not a comprehensive reference at all.
Kevin
15 reviews, 1 follower
July 14, 2017
I still can't tell the audience for this book.

This felt like some type of introduction to a broad set of infosec domains but it muddled brief solutioning with design and principles. It just read like a miss to me throughout.

It didn't go very deep, so the interdependencies of what was covered seemed poorly addressed, perhaps due to the focus moving too quickly. A reader may gain some terminology from this, but I wouldn't expect anyone who works in any area of information security to gain useful applications for their job. My feeling was that the book didn't engage the issue of risk and how principle-based defensive information security controls can and should be employed to address it, nor how the layering of those controls requires that decisions at one layer must affect subsequent decisions at other layers; the examples felt disconnected, without demonstrating potential impact to the overall organizational information system.

All-in-all, I was disappointed but I know it can be difficult to deliver on such a vast field as infosec although I don't know what pressure, if any, can affect that delivery from a publishing perspective.
Du
215 reviews, 16 followers
May 14, 2022
A very shallow book that covers the entirety of defensive security. This is not really a criticism, just that in trying to cover all parts of defensive security it cannot be very in-depth about any particular subject. It does provide the topics which you can then continue researching and can act as a quick reference, and perhaps that is where its real value is. I did come out learning something from this, and if I was starting in cyber security without any knowledge at all it would be full of new learning topics.

Unfortunately it does not stay at the high-level description of the various techniques and aspects that you need in order to create a comprehensive security program. It goes from describing processes and policies to explaining how to use UNIX-specific tools, complete with code snippets. Additionally, I am a bit disappointed that it doesn't really point towards where you can learn more about a particular subject, so I have to go digging around for books and learning materials on SIEM, for example, instead of having a list of recommended further reading.

Overall an alright book that is good to skim through to ensure you are aware of all of the many different aspects of defensive security.
7 reviews
November 29, 2019
I liked this book. I'm new to system administration, and I don't have a security background. I found the overview helpful.

If you're considering reading it, be warned that the book is not very detailed. It's more interested in giving a broad overview than going into detail about a particular technique. For example, the book mentions SELinux, but only in passing, and does not give examples of how to configure it.

One particular chapter, Purple Teaming, was not well written. It begins with a definition of open-source intelligence that is totally impenetrable.

However, the book makes up for its lack of detail by giving you an idea of how all of these pieces fit together, and giving you advice about how to sell a security change to management. I definitely think I'll be referencing this book again.

At 239 pages, it's a very approachable and helpful beginners book. Five stars.
meesh
20 reviews
May 5, 2019
I agree with other reviewers that the target audience for this is confusing to me. It varies wildly between being very broad and very specific. I still found it useful for introducing key terms and linking out to further references. It's probably most useful for individuals who have never worked in an organization with a security team, and who are interested in learning basic best practices, security team responsibilities and processes, etc.
Emily E.
1 review
February 21, 2020
This book is a great introduction to defensive security topics. I got to read this right before my first internship and it helped get me in the right mindset. It was highly recommended to me and I continue to recommend it to others. I still reference this book from time to time and will probably buy the second edition if/when it comes out.
48 reviews, 2 followers
January 17, 2019
Decent overview of information security topics. A good starting point that has recommendations on how to progress in different areas. It will make you aware of a topic, point you in a direction to learn more if you wish to, and then move onto the next topic.
16 reviews
March 30, 2021
This book gave me a new outlook on how companies could and should manage information.
The only downside is that once you've read it you realise that companies really miss the mark when trying to be more secure.
Lucas Tarazona
16 reviews
March 30, 2023
Good book. It can be read by anyone, since it is not very technical, although it does offer examples and terms that are more advanced. Personally, I feel the book is an enumeration of objectives to follow, with a brief explanation of how to meet each objective.
63 reviews
September 9, 2019
Read for work, and it's a great primer on creating a security program.
D4md1n
6 reviews
May 6, 2020
Very helpful to understand and use security best practices.
J.weathers
2 reviews
June 10, 2020
Common sense and practical. This is a must read. I haven't gotten around to purchasing it just yet, but it's at the top of most suggestions.
Fahad
19 reviews
July 10, 2022
Great book. Quick read, and it covers the fundamentals of infosec. Will be a good refresher.
80 reviews, 1 follower
December 12, 2017
What a crappy book!! What a waste of money and time!
I am not sure what this book is trying to be?
It seems to be a book targeted towards CISOs/CIOs with little sprinkle of actual stuff here and there.
I didn't get anything out of this book. Extremely disappointed!
Still waiting for a good book on "Defensive Security".
Jediah Logiodice
23 reviews
May 7, 2017
I feel bad for giving someone such a poor rating, but given the poor treatment of the topic, I feel compelled.

The book is very high-level (not even basic 101); it contained less value than simple Google searches, it gave poor advice, and it was riddled with grammatical issues. A great example of each of the above points can be seen in the author's treatment of DNSSEC:

"DNSSEC
DNS Security Extensions is a set of extensions to DNS that provide the resolvers origin authentication of DNS data. We recommend that you do not implement this. It has extremely high risks for the small amount that may be gained. Not only is there risk of taking down all of the DNS infrastructure, but it can provide attackers with a reliable source of dDoS amplification using the large secure DNS packets."

That is literally all the (poor) treatment DNSSEC gets.

I would suggest the publisher evaluate the price of the book; at $2.99 I would have much less expectation, and could have considered 2 stars.
2 reviews
January 10, 2020
As long as you understand that this book is really a primer/starter for defensive security, it's really good. I would recommend it to anyone just getting started in IT security.
Andrew Douma
21 reviews, 41 followers
April 5, 2017
The authors of this book try to cover a lot of ground, from developing a security program to hardening endpoints. I would sooner classify this as a "Risk Management" than a "Network Architecture" book.

That said, there is value to be found within these pages.