Steve Anson

Applied Incident Response

Name: Applied Incident Response
Brand: John Wiley & Sons Inc
SKU: 9781119560265
Price: 45.99 EUR
Availability: InStock

★★★★★

€45.99

Product variants

A01=Steve Anson

applied cybersecurity

Author_Steve Anson

Category=UT

cybersecurity analysis

cybersecurity incident handling

cybersecurity incident reference

cybersecurity incident response

cybersecurity malware

cybersecurity readiness

cybersecurity tools

cybersecurity training

eq_bestseller

eq_computing

eq_isMigrated=1

eq_isMigrated=2

eq_nobargain

eq_non-fiction

Product details

ISBN 9781119560265
Weight: 658g
Dimensions: 188 x 231mm
Publication Date: 09 Mar 2020
Publisher: John Wiley & Sons Inc
Publication City/Country: US
Product Form: Paperback

Delivery/Collection within 10-20 working days

Our Delivery Time Frames Explained
2-4 Working Days: Available in-stock

10-20 Working Days: On Backorder

Will Deliver When Available: On Pre-Order or Reprinting

We ship your order once all items have arrived at our warehouse and are processed. Need those 2-4 day shipping items sooner? Just place a separate order for them!

Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary. Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including:

Preparing your environment for effective incident response
Leveraging MITRE ATT&CK and threat intelligence for active network defense
Local and remote triage of systems using PowerShell, WMIC, and open-source tools
Acquiring RAM and disk images locally and remotely
Analyzing RAM with Volatility and Rekall
Deep-dive forensic analysis of system drives using open-source or commercial tools
Leveraging Security Onion and Elastic Stack for network security monitoring
Techniques for log analysis and aggregating high-value logs
Static and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo Sandbox
Detecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of PowerShell, and many more
Effective threat hunting techniques
Adversary emulation with Atomic Red Team
Improving preventive and detective controls

Steve Anson is a SANS Certified Instructor and co-founder of leading IT security company Forward Defense. He has over 20 years of experience investigating cybercrime and network intrusion incidents. As a former US federal agent, Steve specialized in intrusion investigations for the FBI and DoD. He has taught incident response and digital forensics techniques to thousands of students around the world on behalf of the FBI Academy, US Department of State, and the SANS Institute. He has assisted governments in over 50 countries to improve their strategic and tactical response to computer-facilitated crimes and works with a range of multinational organizations to prevent, detect and respond to network security incidents.