Computer Incident and Product Vulnerability Handling (Net... and over one million other books are available for Amazon Kindle. Learn more
Buy New
$35.08
Qty:1
  • List Price: $49.99
  • Save: $14.91 (30%)
Only 3 left in stock (more on the way).
Ships from and sold by Amazon.com.
Gift-wrap available.
Add to Cart
Want it Tuesday, April 22? Order within and choose One-Day Shipping at checkout. Details
Trade in your item
Get a $5.38
Gift Card.
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more

Computer Incident Response and Product Security (Networking Technology: Security) Paperback

ISBN-13: 978-1587052644 ISBN-10: 1587052644 Edition: 1st

See all 2 formats and editions Hide other formats and editions
Amazon Price New from Used from Collectible from
Kindle
"Please retry"
Paperback
"Please retry"
$35.08
$23.98 $28.00

Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student



Frequently Bought Together

Computer Incident Response and Product Security (Networking Technology: Security) + Security Policies and Procedures: Principles and Practices
Price for both: $149.31

Buy the selected items together

Customers Who Bought This Item Also Bought

NO_CONTENT_IN_FEATURE

certification
Certification Central
Ace your tech certification test with resources from Certification Central. Get guides for a full range of certifications--from CCNA and SQL server to PMP and Network+. Explore more.

Product Details

  • Series: Networking Technology: Security
  • Paperback: 256 pages
  • Publisher: Cisco Press; 1 edition (December 16, 2010)
  • Language: English
  • ISBN-10: 1587052644
  • ISBN-13: 978-1587052644
  • Product Dimensions: 0.5 x 7.2 x 8.8 inches
  • Shipping Weight: 15.2 ounces (View shipping rates and policies)
  • Average Customer Review: 4.0 out of 5 stars  See all reviews (4 customer reviews)
  • Amazon Best Sellers Rank: #1,364,908 in Books (See Top 100 in Books)

Editorial Reviews

About the Author

Damir Rajnovic finished his education in Croatia where, in 1993, he started his career in computer security. He started at the Croatian News Agency Hina, then moved on to the Ministry of Foreign Affairs, and finally to the Ministry of Science and Technology. During that time, Damir became involved with the Forum of Incident Response Teams (FIRST) and established the Croatian Academic and Research Network Computer Incident Response Team (CARNet CERT), which, until recently, was not only handling computer incidents for CARNet but was also acting as the Croatian national CERT. Damir then moved to the United Kingdom to work in EuroCERT which was a project that aimed to coordinate CERTs within the European region. After EuroCERT, Damir moved to the Cisco Product Security Incident Response Team (Cisco PSIRT), where he is still working. Cisco PSIRT is the focal point for managing security vulnerabilities in all Cisco products.

 

Damir remains active in FIRST, where he created Vendor SIG, and currently serves as liaison officer to the International Organization for Standardization (ISO) and International Telecommunication Union (ITU). Damir was an invited lecturer for the MSc Information Technology Security course at Westminster University, London. He was one of the core people who dreamed up and formed the Industry Consortium for the Advancement of Security on the Internet (ICASI).

 

His nonsecurity-related work includes working as a sound engineer on Radio 101 (http://www.radio101.hr) while living in Zagreb, Croatia. Damir lives with his family in Didcot, UK.

 


More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

4.0 out of 5 stars
Share your thoughts with other customers

Most Helpful Customer Reviews

7 of 9 people found the following review helpful By Richard Bejtlich on March 31, 2011
Format: Paperback
When I first learned that Cisco Press was publishing a book about product security (Computer Incident Response and Product Security, or CIRAPS), I was excited to see what they might create. Cisco's Product Security Incident Response Team (PSIRT) is one of the best in the industry, with a long history and mature processes. Furthermore, no published book currently provides extensive coverage for companies trying to design, build, and run their own PSIRT. Rather than focusing on this topic and thoroughly examining it, however, CIRAPS spends only 100 pages out of a 215 page book talking about PSIRT issues. While there are parts of CIRAPS that I found interesting, I don't think they justify reading the whole book.

I'll keep this review short by first listing CIRAPS' strengths. I liked the section on managing encryption keys in ch 2. This is the kind of practical issue that is critical to CIRT or PSIRT operations, but not given enough coverage (aside from Michael Lucas' excellent book on PGP/GPG). I enjoyed the discussion in ch 3 on handling time zones and working hours. The first half of the book also discussed considerations for hiring the right kind of people into your CIRT, another subject not well-covered elsewhere.

I found the following to be weaknesses of CIRAPS. Ch 3 had little to nothing to say about detecting computer security incidents, aside from recommending honeypots and baselining traffic. These are completely inadequate in the modern threat environment, and were really inadequate for the last 15 years. I got the sense that the CIRT described in CIRAPS is the kind of group that receives calls for help from users and IT teams, interviews the reporter, and then makes recommendations. That is one sort of CIRT, but it's more of an incident help desk.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
2 of 2 people found the following review helpful By Ben Rothke on January 24, 2011
Format: Paperback
When someone calls 911 in a panic to report an emergency, within seconds the dispatcher knows where the call is coming from, and help is often only moments away.

When it comes to computer security incidents, often companies are not as resilient in their ability to quickly respond. Take for instance the TJX Cos. data breach, where insecure wireless networks were compromised for months, revealing millions of personal records, before they were pinpointed and finally secured. Once made aware of the issue, it took TJX an additional few months until the situation was in completely in control and secured.

In Computer Incident Response and Product Security, author Damir Rajnovic provides the reader with an excellent and practical guide to the fundamentals of building and running a security incident response team. The book is focused on getting the reader up to speed as quick as possible and is packed with valuable real-world and firsthand guidance.

Be it a IRT (Incident Response Team), CIRT (Computer Incident Response Team), CERT (Computer Emergency Response Team), or CSIRT (Computer Security Incident Response Team); whatever the term used, companies desperately need a process and team to formally respond to computer security incidents. The simple equation is that to the degree the incident is quickly identified, handled and ameliorated; is to the extent that the damage is contained and limited.

At just over 200 pages, the books 13 chapters provides an excellent foundation on which to start a CIRT. The book is divided into two parts. Chapters 1-6 form part 1, Computer Security Incidents, with part 2 being on Product Security.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
Format: Paperback
The book is pitched at a manager who does not have a deep computing background. It explains numerous aspects of running a computer security team. There is very little jargon or indepth discussion of how a cracker might mount a successful intrusion. Instead you can see what computer security groups already exist, and how to contact them for assistance. The descriptions in Chapter 6 of major security groups shows a global distribution, albeit with an American emphasis. You should not hesitate to avail yourself of this global security backup. Likely, those in a security group might have already encountered a similar attack and can suggest countermeasures. Remember that for a mass attack by a cracker, your company is probably not the only victim, and a security group often will have a larger picture of the attack.

Of course, your team might have first taken precautions in securing your network and its machines. Here, the book suggests how to do a survey and analysis of your computing environment before any attack. This proactive approach lets you and your team calmly prepare for a perhaps inevitable attack.

Some issues like whether to publicly disclose that your company has been under attack can be difficult to decide. Your firm might be in an industry where it has an obligation to disclose if, say, a cracker has copied your customer [personal] data. But what if there is no legal obligation. Should you still disclose? Never a pleasant thing to decide! So the book gives you incentive to absorb its advice and try to prevent such an occurrence.

The references at the end of each chapter take you into more detailed technical discussions. Useful if you need extra information.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Product Images from Customers

Search
ARRAY(0xa362a3e4)

What Other Items Do Customers Buy After Viewing This Item?