Applied Incident Response
List Price:
$47.00
- Availability: Confirm prior to ordering
- Branding: minimum 50 pieces (add’l costs below)
- Check Freight Rates (branded products only)
Branding Options (v), Availability & Lead Times
- 1-Color Imprint: $2.00 ea.
- Promo-Page Insert: $2.50 ea. (full-color printed, single-sided page)
- Belly-Band Wrap: $2.50 ea. (full-color printed)
- Set-Up Charge: $45 per decoration
- Availability: Product availability changes daily, so please confirm your quantity is available prior to placing an order.
- Branded Products: allow 10 business days from proof approval for production. Branding options may be limited or unavailable based on product design or cover artwork.
- Unbranded Products: allow 3-5 business days for shipping. All Unbranded items receive FREE ground shipping in the US. Inquire for international shipping.
- RETURNS/CANCELLATIONS: All orders, branded or unbranded, are NON-CANCELLABLE and NON-RETURNABLE once a purchase order has been received.
Product Details
Author:
Steve Anson
Format:
Paperback
Pages:
464
Publisher:
Wiley (January 29, 2020)
Language:
English
Audience:
General/trade
ISBN-13:
9781119560265
Weight:
23.2oz
Case Pack:
18
File:
Wiley-wileyUS_2_1_20260415-20260415.xml
Folder:
Wiley
List Price:
$47.00
As low as:
$44.65
Publisher Identifier:
P-WIL
Discount Code:
D
Dimensions:
7.4" x 9.1" x 1.1"
Country of Origin:
United States
Pub Discount:
50
Imprint:
Wiley
Overview
Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary. Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including:
- Preparing your environment for effective incident response
- Leveraging MITRE ATT&CK and threat intelligence for active network defense
- Local and remote triage of systems using PowerShell, WMIC, and open-source tools
- Acquiring RAM and disk images locally and remotely
- Analyzing RAM with Volatility and Rekall
- Deep-dive forensic analysis of system drives using open-source or commercial tools
- Leveraging Security Onion and Elastic Stack for network security monitoring
- Techniques for log analysis and aggregating high-value logs
- Static and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo Sandbox
- Detecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of PowerShell, and many more
- Effective threat hunting techniques
- Adversary emulation with Atomic Red Team
- Improving preventive and detective controls
