Amazon Exclusive: A Letter from Timothy “Thor” Mullen, Author of Thor’s Microsoft Security Bible, “Defensive Security”
Timothy "Thor" Mullen
As a kid, I used to take things apart so I could figure out how they worked. I thought it made perfect sense: to figure something out, just break it down into its components and it will all be clear. As it turned out, it wasn’t until I had to put something back together again that I actually learned something about its function and form.
I think it was one of my earliest experiences of being proved wrong when I thought I had it all figured out, and that lesson has served me well ever since. It’s really amazing how much more I learn when I tell myself that I’m not nearly as clever as I think I am, and how true subject matter expertise is as much a factor of realizing how much one doesn’t know as it is the collection of little bits of knowledge in any particular area.
As it relates to information security, I find the same mindset draws me to the design of defensive security measures as opposed to the more popular “break it” mentality that is so pervasive today. I simply find it more fulfilling and satisfying. It’s also more valuable. This may not make me very popular with all my hacker friends, but breaking security really isn’t all that hard. Just about anyone can come up with some attack technique they think is super cool and pretend it represents real security risks, but the truth is that they are a dime a dozen. I’m not knocking the research business and the conferences about how to hack and attack, I just don’t personally find much value in it.
As such, you’ll find that my writings are all about defense. It works, and it provides tangible value to an industry that clearly continues to suffer from security issues. If you are all about attacking and trying to break things, then you probably won’t find my books too interesting. But if you like having the skills to thwart everyone else’s attacks, then I hope that my work is of some value to you.
In either case, I am grateful for the opportunity to contribute in an area in which I feel that I add value, and hope you enjoy the material you find here.
"Mullen presents realistic business scenarios with tips on products, tools, and methods to create an autonomous web traffic monitor, analyze and block traffic based on geolocation, set up a secure external web proxy, cover remote desktop protocol security, and create and maintain service users."--Reference and Research Book News, August 2013 "This book presents a fascinating collections of practical and immediately implementable Microsoft security techniques, processes, and methodologies uniquely illustrated through real-world process examples. The author enriches the reader with detailed technical information on security processes for all major Microsoft applications in simple readable form…Top security professionals as well as many younger aspirants in the security sector should find this book extremely informative and useful."--Security Management, December 2012, page 83 "I was looking for the standard security bible (change this setting or that setting), and I did ultimately get that. Thor’s chosen delivery method does walk through the changing of settings, but does it in such a subtle way as to not make the content boring. This is a book that when you begin, you think ‘huh?’ But once you complete it, you think ‘Ah ha!’ Generally, security bibles can be dull, but given the author’s humor, vast knowledge of securing Windows Server 2008, and his ability to explain the topics to even a novice, makes this work shine. Anyone working in a Windows Server environment is doing themselves a disservice by not reading this book. The included video content was refreshing, as the author continues his dialogue with you. He walks through setting up Chapter 1 and Chapter 7 on the fly, so any mistakes you will see. It was nice to hear his voice, since, if you’re like me, it makes it easier when reading. TMSB is a great book, and for all you Windows 2008 Server Administrators out there, I’d run, not walk, to get this book!"--EthicalHacker.net "This book is aimed at technical, security and non-security professionals alike, used to bolster their security knowledge and to allow them to harden services that are often reliant on general OS hardening and firewalls. The book offers detailed descriptions on how to provide secure infrastructure services, such as SQL, as a least- privileged account, and therefore offers system engineers a guide to bolstering their system’s security posture as much as is possible."--Best Systems Administration Book in InfoSecReviews Book Awards
See all Editorial Reviews