Reviews – Help Net Security

Practical Purple Teaming is a guide to building stronger collaboration between offensive and defensive security teams. The book focuses on how to design and run effective purple team exercises that improve detection and response and strengthen trust between teams. About the author Alfie Champion is a Senior Security Analyst at GitHub who has fostered and developed purple team functions over the last decade, both with internal teams and while consulting. Champion has delivered talks and … More → The post Review: Practical Purple Teaming appeared first on Help Net Security.

Adversarial AI Attacks, Mitigations, and Defense Strategies shows how AI systems can be attacked and how defenders can prepare. It’s essentially a walkthrough of offensive and defensive approaches to AI security. About the author John Sotiropoulos is the Head Of AI Security at Kainos. A co-lead of the OWASP Top 10 for LLM Applications and OWASP AI Exchange, John leads alignment with other standards organizations and national cybersecurity agencies. He is also the OWASP lead … More → The post Review: Adversarial AI Attacks, Mitigations, and Defense Strategies appeared first on Help Net Security.

Data Engineering for Cybersecurity sets out to bridge a gap many security teams encounter: knowing what to do with the flood of logs, events, and telemetry they collect. About the author James Bonifield has a decade of experience analyzing malicious activity, implementing data pipelines, and training others in the security industry. He has built enterprise-scale log solutions, automated detection workflows, and led analyst teams investigating major cyber threat actors. Inside the book The book is … More → The post Review: Data Engineering for Cybersecurity appeared first on Help Net Security.

From Day Zero to Zero Day is a practical guide for cybersecurity pros who want to move beyond reading about vulnerabilities and start finding them. It gives a methodical look at how real vulnerability research is done. About the author Eugene Lim is a security researcher and white hat hacker. In 2019, he won the Most Valuable Hacker award at the H1-213 live hacking event in Los Angeles organized by Hackerone, the US Air Force, … More → The post Review: From Day Zero to Zero Day appeared first on Help Net Security.

CISA Certified Information Systems Auditor Practice Tests offers practical, domain-by-domain prep for the CISA exam, with hundreds of questions covering key objectives and real-world systems audit skills. About the authors Peter H. Gregory is a best-selling cybersecurity author, educator, keynote speaker, board advisor, and mentor. Mike Chapple is a teaching professor at the University of Notre Dame, cybersecurity author, trainer, and certification expert. Inside the book This book contains over 700 multiple-choice questions designed to … More → The post Review: CISA Certified Information Systems Auditor Practice Tests appeared first on Help Net Security.

For all the excitement around LLMs, practical, engineering-focused guidance remains surprisingly hard to find. LLM Engineer’s Handbook aims to fill that gap. About the authors Paul Iusztin is a Senior AI Engineer and founder of Decoding ML, a channel for content on learning how to design, code, and deploy production-grade ML. Maxime Labonne is the Head of Post-Training at Liquid AI, and He holds a Ph.D. in Machine Learning from the Polytechnic Institute of Paris. … More → The post Review: LLM Engineer’s Handbook appeared first on Help Net Security.

Over the years, the number of services we use has exploded, and so has the need to protect our credentials. Back in what I like to call “the age of innocence,” we scribbled passwords on paper or reused “password123” across five different accounts. Let’s be honest: those days are over. Whether we like it or not, password managers have become essential to good cybersecurity hygiene and one of the first lines of defense against unauthorized … More → The post Review: Passwork 7.0, self-hosted password manager for business appeared first on Help Net Security.

Attack Surface Management (ASM) has become one of those buzzwords that gets used a lot but rarely explained in detail. The authors of this book offer a practical guide that aims to change that. About the authors Ron Eddings is the Executive Producer at Hacker Valley Media. Melody Kaufmann is a freelance cybersecurity writer, and holds a Master’s in Information Security. Inside the book Organizations are dealing with environments that are always changing. These include … More → The post Review: Attack Surface Management appeared first on Help Net Security.

Redefining Hacking takes a look at how red teaming and bug bounty hunting are changing, especially now that AI is becoming a bigger part of the job. About the authors Omar Santos is a Distinguished Engineer at Cisco focusing on AI security, research, incident response, and vulnerability disclosure. Savannah Lazzara is a Security Engineer at Amazon, and co-lead of Red Team Village. Wesley Thurner is a Principal Security Engineer at Intuit. Inside the book The … More → The post Review: Redefining Hacking appeared first on Help Net Security.

Kali Linux has long been the go-to operating system for penetration testers and security professionals, and Learning Kali Linux, 2nd Edition by Ric Messier aims to guide readers through its core tools and use cases. This updated edition introduces new material on digital forensics and reverse engineering, while keeping its focus on practical, hands-on learning. It’s written for people who have at least some familiarity with Linux or command-line environments, but it doesn’t assume deep … More → The post Review: Learning Kali Linux, 2nd Edition appeared first on Help Net Security.