
Active Cyber Defense Cycle


Robert M. Lee

ISBN: 978-1-119-21519-6

Jun 2019

336 pages

Paperback




Countering flexible and persistent adversaries requires empowered defenders

The Active Cyber Defense Cycle empowers cyber defenders to unify their cyber security efforts into a single holistic strategy. Written by a renowned cyber defense expert, this book draws on the author's military and intelligence career complemented with his time in private industry and teaching at the SANS Institute, to provide a technology-agnostic model for countering advanced adversaries. By linking identification, response, and analysis, organizations of any size can better utilize their personnel to stay several steps ahead of increasingly determined adversaries. The Active Cyber Defense Cycle details a cohesive security operations approach that pulls together threat intelligence, network security monitoring, incident response, and threat and environmental manipulation. Analysis of each incident is incorporated into the next cycle, to help you build an ever-stronger system of prevention and defense. The author provides hands-on labs with packet captures, malware samples, and incident response data—enabling readers to train and test their skills with real-world tools.

Traditional cyber security models focus on only one or two core activities. Silos form between otherwise great teams and hinder long-term success. This book shows you how to bring your teams together and treat security as a process while leveraging an active defense to identify and respond to threats.

  • Unify existing security teams into a holistic strategy
  • Analyze incidents to continually evolve security within the organization
  • Integrate intelligence, response, monitoring, and threat analysis
  • Take a security operations focus towards hunting for threats in the environment

By going beyond individual silos to a larger, synergistic network of interlocking defenses, you transform cyber security from a disjointed architecture into a true learning system. Each part of the cycle informs the whole, leaving you better equipped, better informed, and better positioned to keep the network secure. The Active Cyber Defense Cycle details a model for holistic cyber security, and provides practical tools to ease implementation.