Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Defensive Security with Kali Purple
Defensive Security with Kali Purple

Defensive Security with Kali Purple: Cybersecurity strategies using ELK Stack and Kali Linux

eBook
€17.99 €26.99
Paperback
€33.99
Subscription
Free Trial
Renews at €18.99p/m

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Table of content icon View table of contents Preview book icon Preview Book

Defensive Security with Kali Purple

An Introduction to Cybersecurity

If you’re reading this book, there’s a great chance you’re already familiar with cybersecurity. You might even already have some experience with Linux or even the Kali variant of the Linux operating system (OS). It’s a popular tool used by offensive security people who are typically referred to as red teamers. Offensive security is when users simulate attacks to discover potential vulnerabilities within an organization’s technology. However, where there’s offense, there most assuredly is defense. In the world of computers and technology, people working on defensive security teams are typically referred to as blue teamers. If you’re familiar with the color wheel, then you know that when red is combined with blue, you get purple. Take the utilities of both offense and defense, bundle them as a software application suite added to a popular Linux OS, and there you have it. Welcome to Kali Purple!

In this...

How we got here

The need for a technologically advanced set of computer security tools in the world today is not something that just popped up overnight. There weren’t a couple of college students who decided to hone their coding skills out of boredom between classes. No – the idea of security for computing technology is a concept that evolved in parallel with the technologies themselves.

If you wanted to, you could probably find some historical parchment with ancient hieroglyphics or other language painted on it telling stories of the abacus. It might detail how someone, somewhere, managed to trick the ancient Mesopotamians by some art of visual misdirection toward the accountants and then move a bead or two on the abacus. We’ll let the historians determine and tell those stories. We are going to focus on the security of modern computing.

During the 1960s and 1970s, computer security was mostly security in the traditional sense of physical protection –...

Offensive security

The offensive security aspect hails from the red team side of the Purple family. Because it is the defensive toolset that sets Kali Purple apart from the rest, we will only highlight the offensive portion as it relates to use cases and testing the defensive setup of Purple. You will want to learn or at least have a basic understanding of offensive security to get the most robust rewards from Kali Purple. You will gain an understanding of enough offensive security and red team tools and techniques that you’ll be able to effectively test your defensive setup. That will also allow you to develop live presentations and proof-of-concept activities that you can use to train others or even play with yourself. This, by far, is not an exhaustive instruction or reference point for anyone who is exclusively or primarily interested in offensive security. It has only been included to make your Kali Purple journey proper and complete.

It’s expected that most who...

Defensive security

The uniqueness of Kali Purple is how it adds defensive tools to the Kali Linux distribution for blue team operators so that they may train junior analysts and/or otherwise do their jobs. Of course, to fully grasp where these tools might fit into an organization’s security posture, it might be helpful to know some of the terms associated with cyber defense. Here, we will go over some of the more commonly used terms and highlight the cyber defense concepts needed to navigate this book. We will talk more directly about what it means to be a blue teamer and gain an understanding of what the information security/CIA triad, SOC, SOAR, SIEM, IDS/IPS, and other concepts are. In the process, we will focus on how these items relate to Kali Purple.

If you’ve ever studied for a technology certification or any aspect of cybersecurity, you have likely been introduced to the information security triad, also known as the CIA triad. The three components –...

Summary

In this chapter, we discovered a solid base of actions and knowledge that led to the cybersecurity stage as we see it today. We were able to follow a brief history of security developments and events that created the protective needs businesses have today. In doing so, we examined Stuxnet, one of the world’s first uses of modern computing technology for weaponization and cyberwarfare. From there, we looked at a cyberattack that affected individuals in the masses with the Target attack of 2013. We saw how these two attacks led to much of the technology we are about to work with throughout the rest of this book.

As we navigated both the red and blue team tools included in the Kali Purple distribution or made available to add to it, we started to piece together the full picture of a well-rounded cybersecurity system. We were able to begin seeing the greater potential of Kali Purple and watch it slowly emerge as a comprehensive one-stop-shop capable of providing a great...

Questions

Answer the following questions to test your knowledge of this chapter:

  1. What is a SOC?
    1. Special operations command
    2. Standard of operational conduct
    3. Security operations center
    4. A piece of fabric someone wears on their foot
  2. What is the primary difference between Hydra and John the Ripper?
    1. Hydra’s focus is on password cracking from a hash list and John the Ripper’s is on brute-forcing with network applications
    2. John the Ripper’s focus is on password cracking from a hash list and Hydra’s is on brute-forcing with network applications
    3. Hydra has many heads whereas John the Ripper only has one
    4. All the above
    5. None of the above
  3. What is the downside of being known for having top-tier security?
    1. You become a target for adversaries looking to prove their mettle
    2. Your security budget is outrageous
    3. You’re so protected that your own mother cannot contact you
    4. Everybody expects you to share your secrets
  4. Which pocket-sized tool was used to deliver sabotage...

Further reading

To learn more about the topics that were covered in this chapter, take a look at the following resources:

Left arrow icon Right arrow icon

Key benefits

  • Gain practical experience in defensive security methods
  • Learn the correct process for acquiring, installing, and configuring a robust SOC from home
  • Create training scenarios for junior technicians and analysts using real-world cybersecurity utilities
  • Purchase of the print or Kindle book includes a free PDF eBook

Description

Defensive Security with Kali Purple combines red team tools from the Kali Linux OS and blue team tools commonly found within a security operations center (SOC) for an all-in-one approach to cybersecurity. This book takes you from an overview of today's cybersecurity services and their evolution to building a solid understanding of how Kali Purple can enhance training and support proof-of-concept scenarios for your technicians and analysts. After getting to grips with the basics, you’ll learn how to develop a cyber defense system for Small Office Home Office (SOHO ) services. This is demonstrated through the installation and configuration of supporting tools such as virtual machines, the Java SDK, Elastic, and related software. You’ll then explore Kali Purple’s compatibility with the Malcolm suite of tools, including Arkime, CyberChef, Suricata, and Zeek. As you progress, the book introduces advanced features, such as security incident response with StrangeBee’s Cortex and TheHive and threat and intelligence feeds. Finally, you’ll delve into digital forensics and explore tools for social engineering and exploit development. By the end of this book, you’ll have a clear and practical understanding of how this powerful suite of tools can be implemented in real-world scenarios.

Who is this book for?

This book is for entry-level cybersecurity professionals eager to explore a functional defensive environment. Cybersecurity analysts, SOC analysts, and junior penetration testers seeking to better understand their targets will find this content particularly useful. If you’re looking for a proper training mechanism for proof-of-concept scenarios, this book has you covered. While not a prerequisite, a solid foundation of offensive and defensive cybersecurity terms, along with basic experience using any Linux operating system, will make following along easier.

What you will learn

  • Set up and configure a fully functional miniature security operations center
  • Explore and implement the government-created Malcolm suite of tools
  • Understand traffic and log analysis using Arkime and CyberChef
  • Compare and contrast intrusion detection and prevention systems
  • Explore incident response methods through Cortex, TheHive, and threat intelligence feed integration
  • Leverage purple team techniques for social engineering and exploit development

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Jun 28, 2024
Length: 376 pages
Edition : 1st
Language : English
ISBN-13 : 9781835087350
Category :
Concepts :

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Product Details

Publication date : Jun 28, 2024
Length: 376 pages
Edition : 1st
Language : English
ISBN-13 : 9781835087350
Category :
Concepts :

Packt Subscriptions

See our plans and pricing
Modal Close icon
€18.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
€189.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts
€264.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total 97.97
API Security for White Hat Hackers
€33.99
Bug Bounty from Scratch
€29.99
Defensive Security with Kali Purple
€33.99
Total 97.97 Stars icon

Table of Contents

16 Chapters
Part 1:Introduction, History, and Installation Chevron down icon Chevron up icon
Chapter 1: An Introduction to Cybersecurity Chevron down icon Chevron up icon
Chapter 2: Kali Linux and the ELK Stack Chevron down icon Chevron up icon
Chapter 3: Installing the Kali Purple Linux Environment Chevron down icon Chevron up icon
Chapter 4: Configuring the ELK Stack Chevron down icon Chevron up icon
Chapter 5: Sending Data to the ELK Stack Chevron down icon Chevron up icon
Part 2: Data Analysis, Triage, and Incident Response Chevron down icon Chevron up icon
Chapter 6: Traffic and Log Analysis Chevron down icon Chevron up icon
Chapter 7: Intrusion Detection and Prevention Systems Chevron down icon Chevron up icon
Chapter 8: Security Incident and Response Chevron down icon Chevron up icon
Part 3: Digital Forensics, Offensive Security, and NIST CSF Chevron down icon Chevron up icon
Chapter 9: Digital Forensics Chevron down icon Chevron up icon
Chapter 10: Integrating the Red Team and External Tools Chevron down icon Chevron up icon
Chapter 11: Autopilot, Python, and NIST Control Chevron down icon Chevron up icon
Index Chevron down icon Chevron up icon
Other Books You May Enjoy Chevron down icon Chevron up icon

Customer reviews

Rating distribution
Full star icon Full star icon Full star icon Full star icon Half star icon 4.8
(5 Ratings)
5 star 80%
4 star 20%
3 star 0%
2 star 0%
1 star 0%
charles Oct 25, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Overall this is a good introduction to Kali Purple. It manages to strike a balance. It goes into a topic so you understand it and can go deeper as each tool can be a whole book on it's own. If you are a red team, blue team, or purple team member, this is a great addition to your bookshelf!
Amazon Verified review Amazon
Brit Sep 12, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
I am relatively new to Cybersecurity having traded my career in Criminal Justice for a career in Cybersecurity a little over a year ago. It is hard to find a balance with textbooks either being way to complex or just lacking the information I need to learn. This book is great for someone who needs to learn the fundamentals in order to advance their Cybersecurity knowledge. I have been recommending it to all of my friends who are trying to break into the field!
Amazon Verified review Amazon
Nicholas Carpenter Sep 12, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
As someone new to the cyber severity field. I found this book very interesting and informative. It has refreshed my drive and passion to learn more about this career path I’m on and advance my knowledge to the next level. Can’t wait to see what’s next.
Amazon Verified review Amazon
Darryl L. Rowe Oct 06, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
I'm now branching into YouTube videos to get familiar with the tools and reading other related material, including setting up a test lab. Let the fun begin.
Amazon Verified review Amazon
joe Oct 28, 2024
Full star icon Full star icon Full star icon Full star icon Empty star icon 4
Introduction to Kali Purple by Karl Lane offers a compelling exploration of the burgeoning field of purple teaming, effectively merging the offensive prowess of Kali Linux with the defensive strategies of a Security Operations Center (SOC). This book serves as a comprehensive guide for both seasoned professionals and newcomers eager to delve into the world of proactive cybersecurity.Strength:Clear and Concise Language: The author's writing style is approachable and easy to understand, making complex cybersecurity concepts accessible to a wider audience.Real-World Applicability: The book consistently emphasizes the practical application of purple teaming techniques in real-world scenarios. This focus on practicality ensures that readers can translate their knowledge into actionable skills.Areas for Improvement:Assumed Knowledge: While the book caters to entry-level professionals, a basic understanding of cybersecurity fundamentals and Linux is assumed. A more comprehensive introductory section could benefit readers with limited prior knowledge.
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

How do I buy and download an eBook? Chevron down icon Chevron up icon

Where there is an eBook version of a title available, you can buy it from the book details for that title. Add either the standalone eBook or the eBook and print book bundle to your shopping cart. Your eBook will show in your cart as a product on its own. After completing checkout and payment in the normal way, you will receive your receipt on the screen containing a link to a personalised PDF download file. This link will remain active for 30 days. You can download backup copies of the file by logging in to your account at any time.

If you already have Adobe reader installed, then clicking on the link will download and open the PDF file directly. If you don't, then save the PDF file on your machine and download the Reader to view it.

Please Note: Packt eBooks are non-returnable and non-refundable.

Packt eBook and Licensing When you buy an eBook from Packt Publishing, completing your purchase means you accept the terms of our licence agreement. Please read the full text of the agreement. In it we have tried to balance the need for the ebook to be usable for you the reader with our needs to protect the rights of us as Publishers and of our authors. In summary, the agreement says:

  • You may make copies of your eBook for your own use onto any machine
  • You may not pass copies of the eBook on to anyone else
How can I make a purchase on your website? Chevron down icon Chevron up icon

If you want to purchase a video course, eBook or Bundle (Print+eBook) please follow below steps:

  1. Register on our website using your email address and the password.
  2. Search for the title by name or ISBN using the search option.
  3. Select the title you want to purchase.
  4. Choose the format you wish to purchase the title in; if you order the Print Book, you get a free eBook copy of the same title. 
  5. Proceed with the checkout process (payment to be made using Credit Card, Debit Cart, or PayPal)
Where can I access support around an eBook? Chevron down icon Chevron up icon
  • If you experience a problem with using or installing Adobe Reader, the contact Adobe directly.
  • To view the errata for the book, see www.packtpub.com/support and view the pages for the title you have.
  • To view your account details or to download a new copy of the book go to www.packtpub.com/account
  • To contact us directly if a problem is not resolved, use www.packtpub.com/contact-us
What eBook formats do Packt support? Chevron down icon Chevron up icon

Our eBooks are currently available in a variety of formats such as PDF and ePubs. In the future, this may well change with trends and development in technology, but please note that our PDFs are not Adobe eBook Reader format, which has greater restrictions on security.

You will need to use Adobe Reader v9 or later in order to read Packt's PDF eBooks.

What are the benefits of eBooks? Chevron down icon Chevron up icon
  • You can get the information you need immediately
  • You can easily take them with you on a laptop
  • You can download them an unlimited number of times
  • You can print them out
  • They are copy-paste enabled
  • They are searchable
  • There is no password protection
  • They are lower price than print
  • They save resources and space
What is an eBook? Chevron down icon Chevron up icon

Packt eBooks are a complete electronic version of the print edition, available in PDF and ePub formats. Every piece of content down to the page numbering is the same. Because we save the costs of printing and shipping the book to you, we are able to offer eBooks at a lower cost than print editions.

When you have purchased an eBook, simply login to your account and click on the link in Your Download Area. We recommend you saving the file to your hard drive before opening it.

For optimal viewing of our eBooks, we recommend you download and install the free Adobe Reader version 9.