Security automation essentials : streamlined enterprise security management & monitoring with SCAP / Greg Witte [and three others].

O'Reilly Online Learning: Academic/Public Library Edition Available online

Format:
Book
Author/Creator:
Witte, Greg, author.
Cook, Melanie, author.
Kerr, Matt, author.
Shaffer, Shane, author.
Contributor:
Books24x7, Inc.
Language:
English
Subjects (All):
Computer networks--Security measures--Standards.
Computer networks.
Computer security--Management.
Computer security.
SCAP (Computer network protocol).
Physical Description:
1 online resource (1 v.) : ill.
Edition:
1st edition
Other Title:
Streamlined enterprise security management and monitoring with Security Content Automation Protocol
Place of Publication:
New York : McGraw-Hill, [2012]
Language Note:
English
System Details:
text file
Summary:
Master the latest digital security automation technologies.
Achieve a unified view of security across your IT infrastructure using the cutting-edge techniques contained in this authoritative volume. Security Automation Essentials: Streamlined Enterprise Security Management & Monitoring with SCAP lays out comprehensive technical, administrative, and operational strategies for security management. Discover how to define baseline requirements, automatically confirm patches and updates, identify vulnerabilities, write customized auditing content, and evaluate compliance across your enterprise. Throughout, the authors provide detailed case studies and tips on selecting appropriate security components.
Understand SCAP (Security Content Automation Protocol) technologies and standards
Track compliance using benchmarks and scoring systems
Build machine-readable configuration checks using XCCDF, OVAL, and OCIL
Perform vulnerability assessments and find misconfiguration
Maximize product interoperability through the use of standard enumeration
Assess and monitor residual risk using CVSS values
Use SCAP editors and XML to create and debug automated checks
Accurately assess threats using software assurance automation
Contents:
Intro
Security Automation Essentials
About the Authors
About the Technical Editor
Contents at a Glance
Contents
Foreword
Acknowledgments
Introduction
Why This Book?
Who Should Read This Book
What This Book Covers
How to Use This Book
How Is This Book Organized?
Part I: Security Automation Essentials
Chapter 1: The Security Management Problem
Security Management Challenges
The Number and Variety of Systems and Software to Secure
The Need for Continuous Security Management
The Need for a Comprehensive Picture of Enterprise Security
The Need for Standardization in Security
Security Requirements from Regulations and Other Sources
The Security Automation Solution
Security Automation Basics
Knowledge About Individual Security Elements
Using Checklists to Achieve Compliance
The Evolution of Security Automation Technologies and Standards
Enumeration Standards
Language Standards
Risk Measurement Standards
Chapter 2: What Is SCAP?
The History of SCAP
The Parts of SCAP
Component Specifications
How the SCAP Component Specifications Fit Together
The SCAP Protocol
SCAP Content
The Value of SCAP
Inventorying Installed Software
Identifying Security Issues
Monitoring the Security State
Security Measures and Metrics
Quantifying Risk
Fostering Common Terminology
Part II: Using SCAP
Chapter 3: SCAP Checklist and Check Languages
Extensible Checklist Configuration Description Format
Data Model and Syntax
Benchmark
Items
Profile
TestResult
Open Vulnerability and Assessment Language
Data Model
Generator
Definition
Test
Object
State
Variables
OVAL Results
Open Checklist Interactive Language
OCIL Data Model
Questions
Question_Test_Action Elements
Questionnaires
Putting It All Together
Chapter 4: Asset Management
Asset Identification
Literal and Synthetic Identifiers
Correlation
AI Elements
Helper Elements
Asset Reporting Format
Relationship Terms
ARF Example
Assessment Summary Results
System-Ident Model
Chapter 5: Enumerations
Automation Enumerations and Their Purposes
Enumerations Included in SCAP
Common Configuration Enumeration
CCE History
The Purpose of CCE
CCE Entries
CCE Submission Process
CCE and the National Vulnerability Database
Common Platform Enumeration
The New CPE 2.3 Stack
Common Vulnerability and Exposures
The Birth of CVE
CVE Editorial Board
CVE Identifiers
Common Vulnerability Scoring System
Other Related Enumerations and Expressions
Common Weakness Enumeration
Common Attack Pattern Enumeration and Classification
Common Malware Enumeration
Common Event Expression
Distributed Audit Service
Common Remediation Enumeration
Chapter 6: SCAP Vulnerability Measurement
CVSS History
CVSS Use Cases
Vulnerability Characteristics
CVSS Scoring
Base Scoring
Temporal Scores
Environmental Scores
Base, Temporal, Environmental Vectors
CVSS Equations
Your Mileage May Vary
Common Vulnerability Reporting Framework (CVRF)
Common Misuse Scoring System (CMSS)
Common Configuration Scoring System
Vulnerability Management in the Enterprise
Part III: Putting It All Together
Chapter 7: Building Automated Security Content
Working with Files
XML Editors
Content Maintenance Tools
Enhanced SCAP Editor (eSCAPe)
The eSCAPe Wizards
Opening and Navigating an SCAP Data Stream
Example: Finding Malware with SCAP
Example: Creating Content to Check for Malicious File
Using the Regex Validator Tool
Using the Merge OVAL Documents Tool
Some Useful Tips for Creating Content
Explain Yourself
Make Sure It Works
Version Your Artifacts
Reuse of Artifacts
Content Correctness
Least Version Principle
Design for People
Follow the Rules of the Road
Minimize Extension Depth
Granularity
Customization
Performance
Regular Expressions
Chapter 8: Putting Security Automation to Work in the Enterprise
How Organizations Are Using Security Automation
Automated Hardware and Software Inventory
Security Configuration Management (SCM)
OpenSCAP Security Automation Software in Linux Distributions
Use of Security Automation to Track Management and Operational Security
Security Automation to Discover Malicious Software
Continuous Monitoring by Integrating Security Systems
Device Health Monitoring
Building a Healthy and Resilient Cyber Ecosystem
Chapter 9: Conclusion
The Road Ahead
Appendix: XCCDF, OVAL, OCIL, and Supporting Enumerations Usage
Index.
Notes:
Includes index.
Digitized and made available by: Books24x7.com.
Description based on print version record.
ISBN:
9786613770240
9781280998638
1280998636
9780071772525
0071772529
OCLC:
811552094
