{"product_id":"applied-incident-response-paperback-1","title":"Applied Incident Response - Paperback","description":"\u003cdiv\u003e\u003cp style=\"text-align: right;\"\u003e\u003ca href=\"https:\/\/reportcopyrightinfringement.com\/\" target=\"_blank\" rel=\"nofollow\"\u003e\u003cb\u003eReport copyright infringement\u003c\/b\u003e\u003c\/a\u003e\u003c\/p\u003e\u003c\/div\u003e\u003cp\u003eby \u003cb\u003eSteve Anson\u003c\/b\u003e (Author)\u003c\/p\u003e\u003cp\u003e\u003c\/p\u003e\u003cp\u003eIncident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary. \u003ci\u003eApplied Incident Response\u003c\/i\u003e details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including: \u003c\/p\u003e \u003cul\u003e \u003cli\u003ePreparing your environment for effective incident response\u003c\/li\u003e \u003cli\u003eLeveraging MITRE ATT\u0026amp;CK and threat intelligence for active network defense\u003c\/li\u003e \u003cli\u003eLocal and remote triage of systems using PowerShell, WMIC, and open-source tools\u003c\/li\u003e \u003cli\u003eAcquiring RAM and disk images locally and remotely\u003c\/li\u003e \u003cli\u003eAnalyzing RAM with Volatility and Rekall\u003c\/li\u003e \u003cli\u003eDeep-dive forensic analysis of system drives using open-source or commercial tools\u003c\/li\u003e \u003cli\u003eLeveraging Security Onion and Elastic Stack for network security monitoring\u003c\/li\u003e \u003cli\u003eTechniques for log analysis and aggregating high-value logs\u003c\/li\u003e \u003cli\u003eStatic and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo Sandbox\u003c\/li\u003e \u003cli\u003eDetecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of PowerShell, and many more\u003c\/li\u003e \u003cli\u003eEffective threat hunting techniques\u003c\/li\u003e \u003cli\u003eAdversary emulation with Atomic Red Team\u003c\/li\u003e \u003cli\u003eImproving preventive and detective controls\u003c\/li\u003e \u003c\/ul\u003e\u003ch3\u003eBack Jacket\u003c\/h3\u003e\u003cp\u003e\u003c\/p\u003e\u003cp\u003e\u003cb\u003eDEFEND YOUR NETWORK WITH IMMEDIATELY APPLICABLE INCIDENT RESPONSE SKILLS\u003c\/b\u003e \u003c\/p\u003e\u003cp\u003eIncident response is critical for the active defense of any network, and incident responders need up-to-date, actionable techniques with which to engage the adversary\u003ci\u003e. Applied Incident Response\u003c\/i\u003e details effective ways to respond to advanced attacks against local and remote network resources, providing proven response methods and a framework through which to implement them. Drawing on the author's experience investigating intrusions for the FBI, US Department of Defense (DoD), and many international organizations, this authoritative book covers the core skills needed for incident handling and active network defense, including triaging systems, acquiring memory, imaging disks, collecting network data, log analysis, memory forensics, disk forensics, network security monitoring, adversary emulation, threat hunting, and more. Examples focus on free and open-source tools, but introduce commercial alternatives as well. \u003c\/p\u003e\u003cp\u003eAs a starting point for new incident handlers, or as a technical reference for hardened incident response veterans, this book details the latest techniques for responding to threats against your network, including: \u003c\/p\u003e\u003cul\u003e \u003cli\u003ePreparing your environment for effective incident response\u003c\/li\u003e \u003cli\u003eLeveraging MITRE ATT\u0026amp;CK and threat intelligence for active network defense\u003c\/li\u003e \u003cli\u003eLocal and remote triage of systems using PowerShell, WMIC, and open-source tools\u003c\/li\u003e \u003cli\u003eAcquiring RAM and disk images locally and remotely\u003c\/li\u003e \u003cli\u003eAnalyzing RAM with Volatility and Rekall\u003c\/li\u003e \u003cli\u003eDeep-dive forensic analysis of system drives using open-source or commercial tools\u003c\/li\u003e \u003cli\u003eLeveraging Security Onion and Elastic Stack for network security monitoring\u003c\/li\u003e \u003cli\u003eTechniques for log analysis and aggregating high-value logs\u003c\/li\u003e \u003cli\u003eStatic and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo Sandbox\u003c\/li\u003e \u003cli\u003eDetecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of PowerShell, and many more\u003c\/li\u003e \u003cli\u003eEffective threat hunting techniques\u003c\/li\u003e \u003cli\u003eAdversary emulation with Atomic Red Team\u003c\/li\u003e \u003cli\u003eImproving preventive and detective controls\u003c\/li\u003e \u003c\/ul\u003e\u003ch3\u003eAuthor Biography\u003c\/h3\u003e\u003cp\u003e\u003c\/p\u003e\u003cp\u003e\u003cb\u003eSteve Anson\u003c\/b\u003e is a SANS Certified Instructor and co-founder of leading IT security company Forward Defense. He has over 20 years of experience investigating cybercrime and network intrusion incidents. As a former US federal agent, Steve specialized in intrusion investigations for the FBI and DoD. He has taught incident response and digital forensics techniques to thousands of students around the world on behalf of the FBI Academy, US Department of State, and the SANS Institute. He has assisted governments in over 50 countries to improve their strategic and tactical response to computer-facilitated crimes and works with a range of multinational organizations to prevent, detect and respond to network security incidents.\u003c\/p\u003e\n            \u003cdiv\u003e\n\u003cstrong\u003eNumber of Pages:\u003c\/strong\u003e 464\u003c\/div\u003e\n            \u003cdiv\u003e\n\u003cstrong\u003eDimensions:\u003c\/strong\u003e 1 x 9.2 x 7.4 IN\u003c\/div\u003e\n            \u003cdiv\u003e\n\u003cstrong\u003ePublication Date:\u003c\/strong\u003e January 29, 2020\u003c\/div\u003e\n            ","brand":"BooksCloud","offers":[{"title":"Default Title","offer_id":47212120441081,"sku":"9781119560265","price":47.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0789\/2782\/3097\/files\/aVNYaURUemxBcEN2eWVaNTZlK2RkUT09_fa8ec684-a23a-41d6-b13c-8f95294be8ad.webp?v=1768088074","url":"https:\/\/bookscloud.io\/products\/applied-incident-response-paperback-1","provider":"BooksCloud Book Dropshipping","version":"1.0","type":"link"}