With more than 600 security tools in its arsenal, the Kali Linux distribution can be overwhelming. Experienced and aspiring security professionals alike may find it challenging to select the most appropriate tool for conducting a given test. This practical book covers Kalis expansive security capabilities and helps you identify the tools you need to conduct a wide range of security tests and penetration tests. Youll also explore the vulnerabilities that make those tests necessary.Author Ric Messier takes you through the foundations of Kali Linux and explains methods for conducting tests on networks, web applications, wireless security, password vulnerability, and more. Youll discover different techniques for extending Kali tools and creating your own toolset.Learn tools for stress testing network stacks and applicationsPerform network reconnaissance to determine whats available to attackersExecute penetration tests using automated exploit tools such as MetasploitUse cracking tools to see if passwords meet complexity requirementsTest wireless capabilities by injecting frames and cracking passwordsAssess web application vulnerabilities with automated or proxy-based toolsCreate advanced attack techniques by extending Kali tools or developing your ownUse Kali Linux to generate reports once testing is complete
Large language models (LLMs) are not just shaping the trajectory of AI, they're also unveiling a new era of security challenges. This practical book takes you straight to the heart of these threats. Author Steve Wilson, chief product officer at Exabeam, focuses exclusively on LLMs, eschewing generalized AI security to delve into the unique characteristics and vulnerabilities inherent in these models. Complete with collective wisdom gained from the creation of the OWASP Top 10 for LLMs list--a feat accomplished by more than 400 industry experts--this guide delivers real-world guidance and practical strategies to help developers and security teams grapple with the realities of LLM applications. Whether you're architecting a new application or adding AI features to an existing one, this book is your go-to resource for mastering the security landscape of the next frontier in AI. You'll learn: Why LLMs present unique security challenges How to navigate the many risk conditions associated with using LLM technology The threat landscape pertaining to LLMs and the critical trust boundaries that must be maintained How to identify the top risks and vulnerabilities associated with LLMs Methods for deploying defenses to protect against attacks on top vulnerabilities Ways to actively manage critical trust boundaries on your systems to ensure secure execution and risk minimization
Learn how to use Go's strengths to develop services that are scalable and resilient even in an unpredictable environment. With this book's expanded second edition, Go developers will explore the composition and construction of cloud native applications, from lower-level Go features and mid-level patterns to high-level architectural considerations. Each chapter in this new edition builds on the lessons of the previous chapter, taking intermediate to advanced developers through Go to construct a simple but fully featured distributed key-value store. You'll learn about Go generics, dependability and reliability, memory leaks, and message-oriented middleware. New chapters on security and distributed state delve into critical aspects of developing secure distributed cloud native applications. With this book you will: Learn the features that make Go an ideal language for building cloud native software Understand how Go solves the challenges of designing scalable distributed services Design and implement a reliable cloud native service by leveraging Go's lower-level features such as channels and goroutines Apply patterns, abstractions, and tooling to effectively build and manage complex distributed systems Overcome stumbling blocks when using Go to build and manage a cloud native service
Looking to leverage artificial intelligence in your products? This comprehensive book provides a clear and actionable framework to help product managers build AI-powered products that meet the needs of users and drive business growth. Author Marily Nika guides you through the most popular use cases that AI can solve and describes the technologies you can leverage for each use case. With this book, you'll quickly learn the tools and skill set you need throughout the AI product life cycle, and you'll understand how to create effective roadmaps for the products you're building. By the end of the book, AI product managers will be well-versed in AI and machine learning basics and will learn how to make the right trade-offs, identify the right use cases, and work effectively with research and engineering teams. This guide will help you: Build a framework that identifies opportunities for leveraging AI in products Understand the use cases that AI can help you solve Create a team with the skills and expertise to execute AI-powered products Learn best practices for measuring the success of AI-powered products Understand the ethical and legal considerations that come with building AI products Collaborate with scientists, engineers, and key stakeholders
Large language models (LLMs) and generative AI are rapidly changing the healthcare industry. These technologies have the potential to revolutionize healthcare by improving the efficiency, accuracy, and personalization of care. This practical book shows healthcare leaders, researchers, data scientists, and AI engineers the potential of LLMs and generative AI today and in the future, using storytelling and illustrative use cases in healthcare. Authors Kerrie Holley and Manish Mathur from Google's Healthcare and Life Sciences Industry team help you explore real-world applications of these technologies in healthcare, from personalized patient care and drug discovery to enhanced medical imaging and robot-assisted surgeries. You'll also learn the challenges of using these technologies--and the ethical implications of their application in this field. With this book, you will: Learn how LLMs and generative AI can help address and transform healthcare issues Explore the basics of LLMs and generative AI and learn how they work Learn how these technologies are being applied in healthcare today Understand several LLM and generative AI use cases Examine the ethics and challenges of applying LLMs and generative AI to healthcare Understand the potential use of LLMs and generative AI in healthcare in the near term and their prospects for the future
Get practical advice on how to leverage AI development tools for all stages of code creation, including requirements, planning, design, coding, debugging, testing, and documentation. With this practical book, beginners and experienced developers alike will learn how to use a wide range of tools, from general-purpose LLMs to code-specific systems.
Learn how to get started with Futures Thinking. With this practical guide, Phil Balagtas, founder of the Design Futures Initiative and the global Speculative Futures network, shows you how designers and futurists have made futures work at companies such as Atari, IBM, Apple, Disney, Autodesk, Lufthansa, and McKinsey & Company. This book demystifies the process of Futures Thinking into a language that's practical and useful for both designers and strategists. You'll learn about Strategic Foresight for using ideas about the future to anticipate and prepare for change; explore Speculative Design to deal with the relationship between science, technology, and humans; and Design Fiction to explore and critique possible futures. Balagtas also shares stories from his journey to build a global community and describes how he works with clients to reshape the futures vocabulary. With this guide, you'll learn how to: Prepare your client, team, and/or audience for futures Facilitate and work with the fundamental methods and frameworks Gain advocacy and support within your organization Provide measurable value from the process and outcomes Build a futures culture and team Sustain a culture and support system beyond projects
As the transformation to hybrid multicloud accelerates, businesses require a structured approach to securing their workloads. Adopting zero trust principles demands a systematic set of practices to deliver secure solutions. Regulated businesses, in particular, demand rigor in the architectural process to ensure the effectiveness of security controls and continued protection. This book provides the first comprehensive method for hybrid multicloud security, integrating proven architectural techniques to deliver a comprehensive end-to-end security method with compliance, threat modeling, and zero trust practices. This method ensures repeatability and consistency in the development of secure solution architectures. Architects will learn how to effectively identify threats and implement countermeasures through a combination of techniques, work products, and a demonstrative case study to reinforce learning. You'll examine: The importance of developing a solution architecture that integrates security for clear communication Roles that security architects perform and how the techniques relate to nonsecurity subject matter experts How security solution architecture is related to design thinking, enterprise security architecture, and engineering How architects can integrate security into a solution architecture for applications and infrastructure using a consistent end-to-end set of practices How to apply architectural thinking to the development of new security solutions About the authors Mark Buckwell is a cloud security architect at IBM with 30 years of information security experience. Carsten Horst with more than 20 years of experience in Cybersecurity is a certified security architect and Associate Partner at IBM. Stefaan Van daele has 25 years experience in Cybersecurity and is a Level 3 certified security architect at IBM.
Using machine learning for products, services, and critical business processes is quite different from using ML in an academic or research setting--especially for recent ML graduates and those moving from research to a commercial environment. Whether you currently work to create products and services that use ML, or would like to in the future, this practical book gives you a broad view of the entire field. Authors Robert Crowe, Hannes Hapke, Emily Caveness, and Di Zhu help you identify topics that you can dive into deeper, along with reference materials and tutorials that teach you the details. You'll learn the state of the art of machine learning engineering, including a wide range of topics such as modeling, deployment, and MLOps. You'll learn the basics and advanced aspects to understand the production ML lifecycle. This book provides four in-depth sections that cover all aspects of machine learning engineering: Data: collecting, labeling, validating, automation, and data preprocessing; data feature engineering and selection; data journey and storage Modeling: high performance modeling; model resource management techniques; model analysis and interoperability; neural architecture search Deployment: model serving patterns and infrastructure for ML models and LLMs; management and delivery; monitoring and logging Productionalizing: ML pipelines; classifying unstructured texts and images; genAI model pipelines
Frontend developers have to consider many things: browser compatibility, usability, performance, scalability, SEO, and other best practices. But the most fundamental aspect of creating websites is one that often falls short: accessibility. Accessibility is the cornerstone of any website, and if a website is inaccessible, users won't be able to interact with it, obtain information, sign up for services, or buy products. The Web Accessibility Cookbook provides you with dozens of recipes to help you avoid these failures. You'll learn how to build common components, such as main navigation, filters, and dialogs, in an accessible manner. Each recipe not only explains how to build things but also why. Author Manuel Matuzovic provides the knowledge you need to create your own accessible components and address your users' varying needs, abilities, and preferences. With this practical guide, you will: Learn how to build websites that feature inclusive frontends Discover the common obstacles website users face every day Understand how your decisions impact users Learn how to build accessible frontends step-by-step Write high-quality markup and CSS Evaluate the accessibility of frontend components
Geared to intermediate- to advanced-level DBAs and IT professionals looking to enhance their MySQL skills, this guide provides a comprehensive overview on how to manage and optimize MySQL databases. You'll learn how to create databases and implement backup and recovery, security configurations, high availability, scaling techniques, and performance tuning. Using practical techniques, tips, and real-world examples, authors Arunjith Aravindan and Jeyaram Ayyalusamy show you how to deploy and manage MySQL, Amazon RDS, Amazon Aurora, and Azure MySQL. By the end of the book, you'll have the knowledge and skills necessary to administer, manage, and optimize MySQL databases effectively. Design and implement a scalable and reliable database infrastructure using MySQL 8 on premises and cloud Install and configure software, manage user accounts, and optimize database performance Use backup and recovery strategies, security measures, and high availability solutions Apply best practices for database schema design, indexing strategies, and replication techniques Implement advanced database features and techniques such as replication, clustering, load balancing, and high availability Troubleshoot common issues and errors, using diagnostic tools and techniques to identify and resolve problems quickly and efficiently Facilitate major MySQL upgrades including MySQL 5.7 to MySQL 8
Jack the Ripper and legacy codebases have more in common than you'd think. Inspired by forensic psychology methods, you can apply strategies to identify problems in your existing code, assess refactoring direction, and understand how your team influences the software architecture. With its unique blend of criminal psychology and code analysis, Your Code as a Crime Scene arms you with the techniques you need to take on any codebase, no matter what programming language you use.Software development might well be the most challenging task humanity ever attempted. As systems scale up, they also become increasingly complex, expensive to maintain, and difficult to reason about. We can always write more tests, try to refactor, and even fire up a debugger to understand complex coding constructs. That's a great starting point, but you can do so much better.Take inspiration from forensic psychology techniques to understand and improve existing code. Visualize codebases via a geographic profile from commit data to find development hotspots, prioritize technical debt, and uncover hidden dependencies. Get data and develop strategies to make the business case for larger refactorings. Detect and fix organizational problems from the vantage point of the software architecture to remove bottlenecks for the teams.The original Your Code as a Crime Scene from 2014 pioneered techniques for understanding the intersection of people and code. This new edition reflects a decade of additional experience from hundreds of projects. Updated techniques, novel case studies, and extensive new material adds to the strengths of this cult classic.Change how you view software development and join the hunt for better code!What You Need:You need to be comfortable reading code. You also need to use Git (or Subversion, Mercurial or similar version-control tool).
Augmented Analytics isn't just another book on data and analytics; it's a holistic resource for reimagining how your entire organization interacts with information so that it becomes insight-driven. Go beyond traditional, limited ways of making sense of data. Augmented Analytics provides a dynamic, actionable strategy for improving your organization's analytical capabilities. With this book, you can infuse your workflows with intelligent automation and modern artificial intelligence, empowering more team members to make informed, data-driven decisions. Be aware: This book is not just about adding another forecast to your dashboard. It goes deeper, presenting a holistic approach to fostering a data-driven culture of analytics excellence throughout your organization. You'll explore: Key elements and building blocks of augmented analytics, including its benefits, potential challenges, and relevance in today's business landscape Best practices for preparing and implementing augmented analytics in your organization, including analytics roles, mindset, toolset, and skill set Best practices for data enablement, liberalization, trust, and accessibility How to apply a use case approach to drive business value and use augmented analytics as an enabler, with selected case studies Drawing on extensive, real-world experience leading large organizations through this transformation, the authors provide a clear, actionable path to accelerate your organization's journey to analytical excellence.
A decade ago, developers built information-sharing software by writing a lot of custom code in a single code base, then adding layers of caching. Now we build information systems: interdependent software and services, data platforms, and event streams. Many of our software-to-systems initiatives fail, though, and when they do, we double down on traditional linear approaches. But linear thinking cannot resolve systems challenges. We need to shift to systems thinking. This book shows software developers and architects how systems thinking can guide you through the emerging complexity of modern systems. Author Diana Montalion presents a vision of technology architecture that transforms how we learn, communicate, and collaborate with others. Through practical examples and scenarios, you'll learn how to develop critical self-reflection and decision-making skills amid complexity and uncertainty--and lead impactful cultural change within your organization. You'll learn: How linear thinking limits your perspective on software systems The obstacles to changing your perspective and how to move past them How systems and nonlinear thinking help you understand and navigate complex issues arising from internal and external factors Methods for creating sound, cross-functional recommendations in the midst of complexity and uncertainty How nonlinear approaches improve the quality of architectural thinking and deliver impactful change for organizations How to provide a modern style of leadership as software becomes information systems
JavaScript gives web developers great power to create rich interactive browser experiences, and much of that power is provided by the browser itself. Modern web APIs enable web-based applications to come to life like never before, supporting actions that once required browser plug-ins. Some are still in an experimental stage, but many are ready for use today. With this hands-on cookbook, author Joe Attardi helps you explore the powerful APIs available in modern browsers and guides you through the specific tasks that they unlock. Because these features are web standards, there is comprehensive documentation available from trusted resources such as MDN Web Docs. The knowledge you'll gain is transferable across different companies and projects. Learn the breadth of functionality available in modern browser APIs Explore future APIs that are still in an experimental stage Discover newer elements, such as dialog that replaces the need for a third-party library Build more powerful and interactive web applications using native APIs Understand the permissions model used by the browser to unlock functionality such as geolocation and push notifications
In today's fast-paced world, more and more organizations require rapid application development with reduced development costs and increased productivity. This practical guide shows application developers how to use PowerApps, Microsoft's no-code/low-code application framework that helps developers speed up development, modernize business processes, and solve tough challenges. Author Arpit Shrivastava provides a comprehensive overview of designing and building cost-effective applications with Microsoft Power Apps. You'll learn fundamental concepts behind low-code and no-code development, how to build applications using pre-built and blank templates, how to design an app using Copilot AI and drag and drop PowerPoint-like controls, use Excel-like expressions to write business logic for an app, and integrate apps with external data sources. With this book, you'll: Learn the importance of no-code/low-code application development Design mobile/tablet (canvas apps) applications using pre-built and blank templates Design web applications (model-driven apps) using low-code, no-code, and pro-code components Integrate PowerApps with external applications Learn basic coding concepts like JavaScript, Power Fx, and C# Apply best practices to customize Dynamics 365 CE applications Dive into Azure DevOps and ALM concepts to automate application deployment Citizen developers and professional application developers alike will be able to design robust applications and solve real world business challenges using Power Apps. Arpit Shrivastava is a Microsoft MVP and Power Platform architect at Capgemini, with vast experience working with Microsoft Dynamics 365 and the Power Platform.
Methods of delivering software are constantly evolving in order to increase speed to market without sacrificing reliability and stability. Mastering development end to end, from version control to production, and building production-ready code is now more important than ever. Continuous deployment takes it one step further. This method for delivering software automates the final step to production and enables faster feedback and safer releases. Based on years of work with medium to large organizations at Thoughtworks, author Valentina Servile explains how to perform safe and reliable deployments with no manual gate to production. You'll learn a framework to perform incremental, safe releases during everyday development work, structured exclusively around the challenges of continuous deployment in nontrivial, distributed systems. Complete with interviews and case studies from fellow industry professionals. Close the feedback loop and leverage the production environment to manage your end-to-end development lifecycle efficiently. This book helps you: Take observability, performance, test automation, and security into account when splitting work into increments Create a daily development plan that takes immediate deployments to production into account Deploy work in progress to production incrementally without causing regressions Use patterns to refactor live functionality and alter persistence layers Test and release features in production using different feature toggle configurations
Data science happens in code. The ability to write reproducible, robust, scaleable code is key to a data science project's success--and is absolutely essential for those working with production code. This practical book bridges the gap between data science and software engineering, clearly explaining how to apply the best practices from software engineering to data science. Examples are provided in Python, drawn from popular packages such as NumPy and pandas. If you want to write better data science code, this guide covers the essential topics you need (and that are often missing from introductory data science or coding classes), including how to: Understand data structures and object-oriented programming Clearly and skillfully document your code Package and share your code Integrate data science code with a larger codebase Write APIs Create secure code Apply best practices to common tasks such as testing, error handling, and logging Work more effectively with software engineers Write more efficient, maintainable, and robust code in Python Put your data science projects into production And more
"Python is an excellent way to get started in programming, and this clear, concise guide walks you through Python a step at a time--beginning with basic programming concepts before moving on to functions, data structures, and object-oriented design."--
How will software development and operations have to change to meet the sustainability and green needs of the planet? And what does that imply for development organizations? In this eye-opening book, sustainable software advocates Anne Currie, Sarah Hsu, and Sara Bergman provide a unique overview of this topic-discussing everything from the likely evolution of national grids to the effect those changes will have on the day-to-day lives of developers. Ideal for everyone from new developers to CTOs, Building Green Software tackles the challenges involved and shows you how to build, host, and operate code in a way that's not only better for the planet, but also cheaper and relatively low-risk for your business. Most hyperscale public cloud providers have already committed to net-zero IT operations by 2030. This book shows you how to get on board.
In today's cloud native world, where we automate as much as possible, everything is code. With this practical guide, you'll learn how policy as code (PaC) provides the means to manage the policies that guide our responses as well as the systems we maintain--Kubernetes, cloud security, software supply-chain security, infrastructure-as-code, and microservices authorization, among others. Author Jimmy Ray, a developer advocate on the Amazon Web Services Kubernetes team, provides a practical approach to integrating PaC solutions into your systems, with plenty of real-world examples and important hands-on guidance. DevOps and DevSecOps engineers, Kubernetes developers, and cloud engineers will understand how to choose and then implement the most appropriate solutions. Understand PaC theory, best practices, and use cases for security Learn how to choose and use the correct PaC solution for your needs Explore PaC tooling and deployment options for writing and managing PaC policies Apply PaC to DevOps, IaC, Kubernetes, and AuthN/AuthZ Examine how you can use PaC to implement security controls Verify that your PaC solution is providing the desired result Create auditable artifacts to satisfy internal and external regulatory requirements
By incorporating cyber threat intelligence, adversary emulation provides a form of cybersecurity assessment that mimics advanced persistent threat (APT) tactics, techniques, and procedures (TTPs). This comprehensive guide introduces an empirical approach with strategies and processes collected over a decade of experience in the cybersecurity field. You'll learn to assess resilience against coordinated and stealthy threat actors capable of harming an organization. Author Drinor Selmanaj demonstrates adversary emulation for offensive operators and defenders using practical examples and exercises that actively model adversary behavior. Each emulation plan includes different hands-on scenarios, such as smash-and-grab or slow-and-deliberate. This book uses the MITRE ATT&CK knowledge base as a foundation to describe and categorize TTPs based on real-world observations, and provides a common language that's standardized and accessible to everyone. You'll learn how to: Map Cyber Threat Intelligence to ATT&CK Define Adversary Emulation goals and objectives Research Adversary Emulation TTPs using ATT&CK knowledge base Plan Adversary Emulation activity Implement Adversary tradecraft Conduct Adversary Emulation Communicate Adversary Emulation findings Automate Adversary Emulation to support repeatable testing Execute FIN6, APT3, and APT29 emulation plans
"C# is undeniably one of the most versatile programming languages available to engineers today. With this comprehensive guide, you'll learn just how powerful the combination of C# and .NET can be. Author Ian Griffiths guides you through C# 12.0 and .NET 8 fundamentals and techniques for building cloud, web, and desktop applications. Designed for experienced programmers, this book provides many code examples to help you work with the nuts and bolts of C#, such as generics, LINQ, and asynchronous programming features. You'll get up to speed on .NET 8 and the latest C# 11.0 and 12.0 additions, including generic math, new polymorphism options, enhanced pattern matching, and new features designed to improve productivity. This book helps you: Understand how .NET has changed in recent releases and learn what it means for application development; Select the appropriate C# language features for any task; Learn when to use the new features and when to stick with older ones; Examine the range of functionality in .NET's class libraries; Apply these class libraries to practical programming tasks; Explore numerous small additions to .NET that improve expressiveness"--
"In today's data-driven world, understanding statistical models is crucial for effective analysis and decision making. Whether you're a beginner or an experienced user, this book equips you with the foundational knowledge to grasp and implement statistical models within Tableau. Gain the confidence to speak fluently about the models you employ, driving adoption of your insights and analysis across your organization. As AI continues to revolutionize industries, possessing the skills to leverage statistical models is no longer optional--it's a necessity. Stay ahead of the curve and harness the full potential of your data by mastering the ability to interpret and utilize the insights generated by these models. Whether you're a data enthusiast, analyst, or business professional, this book empowers you to navigate the ever-evolving landscape of data analytics with confidence and proficiency. Start your journey toward data mastery today."--
"How do some organizations maintain 24-7 internet-scale operations? How can organizations integrate security while continuously deploying new features? How do organizations increase security within their DevOps processes? This practical guide helps you answer those questions and more. Author Steve Suehring provides unique content to help practitioners and leadership successfully implement DevOps and DevSecOps. Learning DevSecOps emphasizes prerequisites that lead to success through best practices and then takes you through some of the tools and software used by successful DevSecOps-enabled organizations. You'll learn how DevOps and DevSecOps can eliminate the walls that stand between development, operations, and security so that you can tackle the needs of other teams early in the development lifecycle. This book helps you: Learn why DevSecOps is about culture and processes, with tools to support the processes; Understand why DevSecOps practices are key elements to deploying software in a 24-7 environment; Deploy software using a DevSecOps toolchain and create scripts to assist; Integrate processes from other teams earlier in the software development lifecycle; Help team members learn the processes important for successful software development"--
Rust's popularity is growing, due in part to features like memory safety, type safety, and thread safety. But these same elements can also make learning Rust a challenge, even for experienced programmers. This practical guide helps you make the transition to writing idiomatic Rust--while also making full use of Rust's type system, safety guarantees, and burgeoning ecosystem. If you're a software engineer who has experience with an existing compiled language, or if you've struggled to convert a basic understanding of Rust syntax into working programs, this book is for you. By focusing on the conceptual differences between Rust and other compiled languages, and by providing specific recommendations that programmers can easily follow, Effective Rust will soon have you writing fluent Rust, not just badly translated C++. Understand the structure of Rust's type system Learn Rust idioms for error handling, iteration, and more Discover how to work with Rust's crate ecosystem Use Rust's type system to express your design Win fights with the borrow checker Build a robust project that takes full advantage of the Rust tooling ecosystem
Prenumerera på vårt nyhetsbrev för att få fantastiska erbjudanden och inspiration för din nästa läsning.
Genom att registrera dig accepterar du vår personuppgiftspolicy.
