- ホーム
- > 洋書
- > 英文書
- > Computer / General
Full Description
Combine the offensive capabilities of Kali Linux with the defensive strength of a security operations center to enhance cybersecurity for business and training purposes
Key Features
Gain practical experience in defensive security methods
Learn the correct process for acquiring, installing, and configuring a robust SOC from home
Create training scenarios for junior technicians and analysts using real-world cybersecurity utilities
Purchase of the print or Kindle book includes a free PDF eBook
Book DescriptionIntroduction to Kali Purple combines red team tools from the Kali Linux OS and blue team tools commonly found within a security operations center (SOC) for an all-in-one approach to cybersecurity. This book takes you from an overview of today's cybersecurity services and their evolution to building a solid understanding of how Kali Purple can enhance training and support proof-of-concept scenarios for your technicians and analysts.
After getting to grips with the basics, you'll learn how to develop a cyber defense system for Small Office Home Office (SOHO ) services. This is demonstrated through the installation and configuration of supporting tools such as virtual machines, the Java SDK, Elastic, and related software. You'll then explore Kali Purple's compatibility with the Malcolm suite of tools, including Arkime, CyberChef, Suricata, and Zeek. As you progress, the book introduces advanced features, such as security incident response with StrangeBee's Cortex and TheHive and threat and intelligence feeds. Finally, you'll delve into digital forensics and explore tools for social engineering and exploit development.
By the end of this book, you'll have a clear and practical understanding of how this powerful suite of tools can be implemented in real-world scenarios.What you will learn
Set up and configure a fully functional miniature security operations center
Explore and implement the government-created Malcolm suite of tools
Understand traffic and log analysis using Arkime and CyberChef
Compare and contrast intrusion detection and prevention systems
Explore incident response methods through Cortex, TheHive, and threat intelligence feed integration
Leverage purple team techniques for social engineering and exploit development
Who this book is forThis book is for entry-level cybersecurity professionals eager to explore a functional defensive environment. Cybersecurity analysts, SOC analysts, and junior penetration testers seeking to better understand their targets will find this content particularly useful. If you're looking for a proper training mechanism for proof-of-concept scenarios, this book has you covered. While not a prerequisite, a solid foundation of offensive and defensive cybersecurity terms, along with basic experience using any Linux operating system, will make following along easier.
Contents
Table of Contents
An Introduction to Cybersecurity
Kali Linux and the Elk Stack
Installing the Kali Purple Linux Environment
Configuring the ELK Stack
Sending Data to the ELK Stack
Traffic and Log Analysis
Intrusion Detection and Prevention Systems
Security Incident and Response
Digital Forensics
Integrating the Red Team and External Tools
Autopilot, Python, and NIST Control
