De Aller-Bedste Bøger - over 12 mio. danske og engelske bøger
Levering: 1 - 2 hverdage
Hjælp
Login
  1. Forside
  2. Bøger
  3. Business og læring
  4. Computer og IT
  5. Applied Incident Response

Applied Incident Response

af Steve Anson
Applied Incident Response af Steve Anson
Bag om Applied Incident Response

Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary. Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including: * Preparing your environment for effective incident response * Leveraging MITRE ATT&CK and threat intelligence for active network defense * Local and remote triage of systems using PowerShell, WMIC, and open-source tools * Acquiring RAM and disk images locally and remotely * Analyzing RAM with Volatility and Rekall * Deep-dive forensic analysis of system drives using open-source or commercial tools * Leveraging Security Onion and Elastic Stack for network security monitoring * Techniques for log analysis and aggregating high-value logs * Static and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo Sandbox * Detecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of PowerShell, and many more * Effective threat hunting techniques * Adversary emulation with Atomic Red Team * Improving preventive and detective controls

Vis mere
  • Sprog:
  • Engelsk
  • ISBN:
  • 9781119560265
  • Indbinding:
  • Paperback
  • Sideantal:
  • 464
  • Udgivet:
  • 9. marts 2020
  • Størrelse:
  • 234x188x19 mm.
  • Vægt:
  • 836 g.
  • 8-11 hverdage.
  • 7. marts 2025
På lager

Normalpris

Abonnementspris

- Rabat på køb af fysiske bøger
- 1 valgfrit digitalt ugeblad
- 20 timers lytning og læsning
- Adgang til 70.000+ titler
- Ingen binding

Abonnementet koster 75 kr./md.
Ingen binding og kan opsiges når som helst.

Bag om Steve Anson

Vis alle bøger af Steve Anson

Beskrivelse af Applied Incident Response

Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary. Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including:
* Preparing your environment for effective incident response
* Leveraging MITRE ATT&CK and threat intelligence for active network defense
* Local and remote triage of systems using PowerShell, WMIC, and open-source tools
* Acquiring RAM and disk images locally and remotely
* Analyzing RAM with Volatility and Rekall
* Deep-dive forensic analysis of system drives using open-source or commercial tools
* Leveraging Security Onion and Elastic Stack for network security monitoring
* Techniques for log analysis and aggregating high-value logs
* Static and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo Sandbox
* Detecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of PowerShell, and many more
* Effective threat hunting techniques
* Adversary emulation with Atomic Red Team
* Improving preventive and detective controls

Brugerbedømmelser af Applied Incident Response



Andre købte også..
Find lignende bøger
Bogen Applied Incident Response findes i følgende kategorier: