CISO's Guide to Penetration Testing: A Framework to Plan, Manage, and Maximize Benefits

— —

James S. Tiller

CISO's Guide to Penetration Testing

A Framework to Plan, Manage, and Maximize Benefits

James S. Tiller

$116

Paperback

Not in-store but you can order this
How long will it take?

Availability Information

We source books from suppliers in Australia and overseas. For books we don't currently have in stock, the time it takes to get them from our suppliers can vary widely - from a few days to a few months - so we check each book with each supplier to determine the expected time it will take to be supplied to us.

We then advise you accordingly. If the time taken to get any book is too long for you, you can let us know and we will cancel or adjust your order, and refund as required.

To find out the anticipated arrival time for specific items prior to ordering, please contact us by phone or email:

Phone +61 2 9264 3111, or 1800 4 BOOKS (1800 4 26657) if outside Sydney:
option 1 Abbey's Bookshop (Crime, History, Science, Kids & more) • info@abbeys.com.au
option 2 Language Book Centre (ESL & Foreign Languages) • language@abbeys.com.au
option 3 Galaxy Bookshop (Sci-fi, Fantasy, Romance, Graphic Novels) • sf@galaxybooks.com.au

QTY:

English

CRC Press
30 June 2020

Economics; Security services

CISO's Guide to Penetration Testing: A Framework to Plan, Manage, and Maximize Benefits details the methodologies, framework, and unwritten conventions penetration tests should cover to provide the most value to your organization and your customers. Discussing the process from both a consultative and technical perspective, it provides an overview of the common tools and exploits used by attackers along with the rationale for why they are used.

From the first meeting to accepting the deliverables and knowing what to do with the results, James Tiller explains what to expect from all phases of the testing life cycle. He describes how to set test expectations and how to identify a good test from a bad one. He introduces the business characteristics of testing, the imposed and inherent limitations, and describes how to deal with those limitations.

The book outlines a framework for protecting confidential information and security professionals during testing. It covers social engineering and explains how to tune the plethora of options to best use this investigative tool within your own environment.

Ideal for senior security management and anyone else responsible for ensuring a sound security posture, this reference depicts a wide range of possible attack scenarios. It illustrates the complete cycle of attack from the hacker’s perspective and presents a comprehensive framework to help you meet the objectives of penetration testing—including deliverables and the final report.

By: James S. Tiller
Imprint: CRC Press
Country of Publication: United Kingdom
Dimensions: Height: 234mm, Width: 156mm,
Weight: 585g
ISBN: 9780367382001
ISBN 10: 0367382008
Pages: 389
Publication Date: 30 June 2020
Audience: Professional and scholarly , Undergraduate
Format: Paperback
Publisher's Status: Active

Hacking and Security. Hacking Impacts. Black and White. Information Security. The Hacker. The Security Consultant. Business Justification. The Business of Security. Expectations. Timing is Everything. Reasoning. Consultative Approach. Ethics. Logistics. Methodology. Reconnaissance. Vulnerability Assessment. Testing. Tools and Technology. Exposures. Top 25 Tools. Scenarios. Conclusion.

James S. Tiller is the Vice-President of Security Professional Services, North American BT Global Services.

Reviews for CISO's Guide to Penetration Testing: A Framework to Plan, Manage, and Maximize Benefits

Staying in front of the bad guys and sometimes protecting yourself from the brain-dead acts in corporate environments are keys to successful security measures. Tiller teaches on the simplicity of security, breaking it down from smoke and mirrors to time-proven measures.... I have enjoyed reading Tiller's books in the past; his approach and ability to break down what is sometimes made to look like a complicated structure allows for not only a better understanding but a framework that is able to stand the test of time. -- Jeffrey Schmidt, Global Head Business Continuity, Security, and Governance, BT Global Services