Applied Incident Response
ISBN-13:
9781119560265
ISBN-10:
1119560268
Edition:
1
Author:
Steve Anson
Publication date:
2020
Publisher:
Wiley
Format:
Paperback
464 pages
FREE US shipping
on ALL non-marketplace orders
Rent
35 days
Due Jun 09, 2024
35 days
from $9.52
USD
Marketplace
from $34.35
USD
Marketplace offers
Seller
Condition
Note
Seller
Condition
New
Brand New! Not overstocks! Brand New direct from the publisher! Ships in sturdy cardboard packaging.
Book details
ISBN-13:
9781119560265
ISBN-10:
1119560268
Edition:
1
Author:
Steve Anson
Publication date:
2020
Publisher:
Wiley
Format:
Paperback
464 pages
Summary
Applied Incident Response (ISBN-13: 9781119560265 and ISBN-10: 1119560268), written by authors
Steve Anson, was published by Wiley in 2020.
With an overall rating of 3.8 stars, it's a notable title among other
Network Security
(Security & Encryption, Networking & Cloud Computing) books. You can easily purchase or rent Applied Incident Response (Paperback, Used) from BooksRun,
along with many other new and used
Network Security
books
and textbooks.
And, if you're looking to sell your copy, our current buyback offer is $9.72.
Description
Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary. Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including:
- Preparing your environment for effective incident response
- Leveraging MITRE ATT&CK and threat intelligence for active network defense
- Local and remote triage of systems using PowerShell, WMIC, and open-source tools
- Acquiring RAM and disk images locally and remotely
- Analyzing RAM with Volatility and Rekall
- Deep-dive forensic analysis of system drives using open-source or commercial tools
- Leveraging Security Onion and Elastic Stack for network security monitoring
- Techniques for log analysis and aggregating high-value logs
- Static and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo Sandbox
- Detecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of PowerShell, and many more
- Effective threat hunting techniques
- Adversary emulation with Atomic Red Team
- Improving preventive and detective controls
We would LOVE it if you could help us and other readers by reviewing the book
Book review
Congratulations! We have received your book review.
{user}
{createdAt}
by {truncated_author}