Published on Security Management (http://www.securitymanagement.com)
Hacking: The Next Generation
By Nitesh Dhanjani et al; Reviewed by Don Fergus, CISSP



    
Print Edition Only: 
No
Beyond Print?: 
No
Weight: 
-99
Teaser: 
A multiauthor volume that teaches how hacking has evolved to include sophisticated tools and methods that can compromise an individual or an enterprise.


 


***** Hacking: The Next Generation. By Nitesh Dhanjani et al; published by O’Reilly Media, www.oreilly.com [1] (Web); 304 pages; $39.99.


 


While many of the IT security texts that have appeared over the years focus on the same topics—buffer overflows, brute force password attacks, and other fundamentals—Hacking: The Next Generation acknowledges that attack vectors have shifted towards Web 2.0, the Cloud, and social networks, and that hacker sophistication has progressed in many cases faster than advances in countermeasures.


 


Providing a plethora of scripts, source code, tool listings, and case studies, the authors address a wide range of attacks and even how several can be used together. The text addresses the most current testing methodologies—from creating Perl, Python, and PHP scripts to leveraging many existing tools. The book does leave out some of the newest tool suites—such as BackTrack and Samurai—but keeping current is difficult with this evolving subject. In addition, while in most cases, the authors’ advice is fairly prescriptive, some “filler” text on social engineering techniques could have been omitted without losing value.


 


An important topic covered by the authors is the existence of “blended threats,” wherein particular vulnerabilities by themselves do not appear to pose much risk, but when combined together, they represent a serious danger. It is precisely these blended threats that are growing in popularity among cybercriminals and must be understood by security professionals.


 


While much of the information in the text can be gathered from various other sources, most organizations must be able to defend against all possible attacks and so having all of this information readily available in one place is of great benefit.


 


If you want to learn how criminal techniques have evolved to include sophisticated tools and methods that can compromise an individual or an enterprise, this book is for you.


 




Reviewer: Don Fergus, CISSP (Certified Information Systems Security Professional), is vice president and chief security officer at Intekras, Inc., which provides information assurance and cyber risk management services to public and private sector organizations. He is a member of the ASIS International Information Technology Security Council.


 


Author: 
Nitesh Dhanjani et al; Reviewed by Don Fergus, CISSP
Related Resources: 
Detail Image: 
Dhanjani_Rios_Hardin copy.gif
Thumbnail: 
Comments


    

    




  
Security Management is the award-winning publication of ASIS International, the preeminent international

organization for security professionals, with more than 38,000 members worldwide.


ASIS International, Inc. Worldwide Headquarters, 1625 Prince Street, Alexandria, Virginia 22314-2818 U.S.A.

703.519.6200 | fax 703.519.6299 | www.asisonline.org


ASIS


© 2013 Security Management

This site is protected by copyright and trade mark laws under U.S. and International law.

No part of this work may be reproduced without the written permission of Security Management.








    

    
Source URL: http://www.securitymanagement.com/article/hacking-next-generation-007578

    
Links:
[1] http://www.oreilly.com