Steve Anson 
Applied Incident Response [EPUB ebook] 

Soporte

Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary. Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including:
* Preparing your environment for effective incident response
* Leveraging MITRE ATT&CK and threat intelligence for active network defense
* Local and remote triage of systems using Power Shell, WMIC, and open-source tools
* Acquiring RAM and disk images locally and remotely
* Analyzing RAM with Volatility and Rekall
* Deep-dive forensic analysis of system drives using open-source or commercial tools
* Leveraging Security Onion and Elastic Stack for network security monitoring
* Techniques for log analysis and aggregating high-value logs
* Static and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo Sandbox
* Detecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of Power Shell, and many more
* Effective threat hunting techniques
* Adversary emulation with Atomic Red Team
* Improving preventive and detective controls

€30.99
Métodos de pago

Sobre el autor

Steve Anson is a SANS Certified Instructor and co-founder of leading IT security company Forward Defense. He has over 20 years of experience investigating cybercrime and network intrusion incidents. As a former US federal agent, Steve specialized in intrusion investigations for the FBI and Do D. He has taught incident response and digital forensics techniques to thousands of students around the world on behalf of the FBI Academy, US Department of State, and the SANS Institute. He has assisted governments in over 50 countries to improve their strategic and tactical response to computer-facilitated crimes and works with a range of multinational organizations to prevent, detect and respond to network security incidents.

¡Compre este libro electrónico y obtenga 1 más GRATIS!
Idioma Inglés ● Formato EPUB ● Páginas 464 ● ISBN 9781119560319 ● Tamaño de archivo 40.8 MB ● Editorial John Wiley & Sons ● Publicado 2020 ● Edición 1 ● Descargable 24 meses ● Divisa EUR ● ID 7369437 ● Protección de copia Adobe DRM
Requiere lector de ebook con capacidad DRM

Más ebooks del mismo autor / Editor

3.375 Ebooks en esta categoría