Network attacks and exploitation: a framework
There is no other book like this one, indeed I would say this is the only book I have read of this nature. It has been written and edited by Matthew Monte
and Dave Aitel two experts in the field. The main focus of the book is Computer Network Exploitation (CNE) from a strategic point of view. Most books today are focused on the tactical level for security practitioners, however, this book suits perfectly those readers that are not extremely technical and are interested in how CNE is planned from a strategic level. Those working in the industry, specifically in strategic threat intelligence, security design as well as management should consider reading it.
There are 9 chapters distributed across around 190 pages. The most interesting chapters that other books do not discuss are chapter 1, in which the author defines the 3 immutable principles of computer network exploitation and that every defender needs to understand.
Chapter 4 discusses the asymmetries between the attacker and defender in contrast to what is believed today, that cost and attribution are the main asymmetries between attacker and defender to the extent that it is often cited in international cyber policy research papers and reports as the main barriers to establish an effective international cybersecurity policy.
Chapter 7 explains what is the offensive strategy of the attacker and what is the trade-off in every computer network exploitation campaign. The topics discussed in this chapter will be especially beneficial for those in the strategic field of threat intelligence and intrusion analysis from a strategic point of view. These trade-offs are the same that many experts apply and understand in the threat analysis field and that are working today in top vendors in the threat intelligence industry.
Chapter 9 is the final chapter in which there are several proposed case studies to apply the framework presented throughout the book.
I wonder, as an avid reader of textbooks, how this one has gone under the radar for so long. Fortunately, the book was only written 4 years ago and the topics discussed in it are and will continue to be relevant for the cyber threat industry.