Michael A. Davis

Hacking Exposed: Malware and Rootkits

Defend against the ongoing wave of malware and rootkit assaults the failsafe Hacking Exposed way. Real-world case studies and examples reveal how today’s hackers use readily available tools to infiltrate and hijack systems. Step-by-step countermeasures provide proven prevention techniques. Find out how to detect and eliminate malicious embedded code, block pop-ups and websites, prevent keylogging, and terminate rootkits. The latest intrusion detection, firewall, honeynet, antivirus, anti-rootkit, and anti-spyware technologies are covered in detail.

• Understand how malware infects, survives, and propagates across an enterprise
• Learn how hackers use archivers, encryptors, and packers to obfuscate code
• Implement effective intrusion detection and prevention procedures
• Defend against keylogging, redirect, click fraud, and identity theft threats
• Detect, kill, and remove virtual, user-mode, and kernel-mode rootkits
• Prevent malicious website, phishing, client-side, and embedded-code exploits
• Protect hosts using the latest antivirus, pop-up blocker, and firewall software
• Identify and terminate malicious processes using HIPS and NIPS

“Hacking Exposed wastes no time in explaining how to implement the countermeasures–where they exist–that will render known attacks ineffective. Taking on the major network operating systems and network devices one at a time, the authors tell you exactly what Unix configuration files to alter, what Windows NT Registry keys to change, and what settings to make in NetWare. They spare no criticism of products with which they aren’t impressed, and don’t hesitate to point out inherent, uncorrectable security weaknesses where they find them. This book is no mere rehashing of generally accepted security practices. It and its companion Web site are the best way for all of you network administrators to know thine enemies.”  –David Wall

Michael A. Davis has been privileged to help shape and educate the global community on the evolution of IT security. His portfolio of clients includes international corporations such as AT&T, Sears, and Exelon as well as the U.S. Department of Defense. Davis’ early embrace of entrepreneurship earned him a spot on BusinessWeek’s “Top 25 under 25” list, recognizing his launch of IT security consulting firm Savid Technologies, which was recognized as one of the fastest growing companies of its decade. He has a passion for educating others and as a contributing author for the “Hacking Exposed” books, has become a keynote speaker at dozens of conferences and symposiums worldwide.

Most recently, Davis has served as CTO of CounterTack, provider of an endpoint security platform delivering real-time cyber threat detection and forensics. He chose to join the company because he recognized that the battle is moving to the endpoint, and that conventional IT security technologies can’t protect enterprises. Rather, he saw a need to deliver to the community continuous attack monitoring backed by automated threat analysis.

Davis brings a solid background in IT threat assessment and protection to his latest posting, having been Senior Manager Global Threats for McAfee prior to launching Savid, which was acquired by External IT.

Aside from his work advancing cyber security, Davis authors through industry publications including InformationWeek and Dark Reading. Additionally, he has been a partner in a number of diverse entrepreneurial startups; held a leadership position at 3com; managed two Internet service providers; and recently served as President/CEO of the InClaro Group, a firm providing information security advisory and consulting services based on a unique risk assessment methodology.

Davis’ ability to analyze, translate, and make connections among emerging IT and security trends combined with a business and entrepreneurial mindset make him a popular speaker — he strives to present complex concepts in a way that delivers value to a range of listeners. He regularly presents at industry conferences including Black Hat, Interop, SuperStrategies, and InfoSecWorld. His long-term vision, to create systems that will “push defenders ahead of attackers,” is relevant to a wide array of enterprise, government and vertical-industry stakeholders.