Hack I.T.--Security Through Penetration Testing ─ Security Through Penetration Testing

Useful for security personnel (and hackers too?) this book offers a framework for penetration, and step-by-step instruction on the process. After introducing penetration testing and outlining its role in network security planning, the book describes the roles and responsibilities of a penetration testing professional, the motivations and strategies of hackers, potential system vulnerabilities, and avenues of attack. A companion CD-ROM contains security tools. The authors work for a security firm. Annotation c. Book News, Inc., Portland, OR (booknews.com)

T.J. Klevinsky is part of Ernst & Young?s Security and Technology Solutions practice, where he coordinates attack and penetration exercises for Fortune 500 corporations worldwide. He is also an instructor for the Ernst & Young?s Extreme Hacking course. Additionally, T.J. is an instructor with SANS, where he teaches the course Contemporary Hacking Tools and Penetration Testing, a survey of recent security related software tools.

Scott Laliberte, CISSP, CISM, MBA, is a leader of Protiviti’s Global Information Security Practice. He has extensive experience in the areas of information systems security, network operations, incident response, and e-commerce, and has served clients in many industries, including healthcare, life sciences, financial services, manufacturing, and other industries. Scott has led many security engagements, including attack and penetration studies, Web application security reviews, systems vulnerability assessments, wireless security reviews, and security systems implementation. In addition, he has led a number of incident response projects, which help organizations identify, stop, and recover from security incidents and attacks. He has spoken on information security topics for a variety of audiences and industries, including MIS Training Institute (MISTI), National Association of Financial Services Auditors (NAFSA), ISACA, IIA, and HCCA. He has been quoted as a security expert in theFinancial Times, Securities Industries News, and elsewhere, and has authored numerous information security articles for a variety of publications.

Ajay Gupta, CISSP, founder and president of Gsecurity, is an expert on cyber security, secure architecture, and information privacy. Gsecurity provides cyber security and data privacy services to federal, state, and local governments, as well as commercial clients in the educational, financial, and health-care sectors.