Discover Incident Response (IR), from its evolution to implementation
Understand cybersecurity essentials and IR best practices through real-world phishing incident scenarios
Explore the current challenges in IR through the perspectives of leading experts
Description
Cybercriminals are always in search of new methods to infiltrate systems. Quickly responding to an incident will help organizations minimize losses, decrease vulnerabilities, and rebuild services and processes.
In the wake of the COVID-19 pandemic, with most organizations gravitating towards remote working and cloud computing, this book uses frameworks such as MITRE ATT&CK® and the SANS IR model to assess security risks.
The book begins by introducing you to the cybersecurity landscape and explaining why IR matters. You will understand the evolution of IR, current challenges, key metrics, and the composition of an IR team, along with an array of methods and tools used in an effective IR process. You will then learn how to apply these strategies, with discussions on incident alerting, handling, investigation, recovery, and reporting.
Further, you will cover governing IR on multiple platforms and sharing cyber threat intelligence and the procedures involved in IR in the cloud. Finally, the book concludes with an “Ask the Experts” chapter wherein industry experts have provided their perspective on diverse topics in the IR sphere.
By the end of this book, you should become proficient at building and applying IR strategies pre-emptively and confidently.
Who is this book for?
This book is aimed at first-time incident responders, cybersecurity enthusiasts who want to get into IR, and anyone who is responsible for maintaining business security. It will also interest CIOs, CISOs, and members of IR, SOC, and CSIRT teams. However, IR is not just about information technology or security teams, and anyone with a legal, HR, media, or other active business role would benefit from this book.
The book assumes you have some admin experience. No prior DFIR experience is required. Some infosec knowledge will be a plus but isn’t mandatory.
What you will learn
Understand IR and its significance
Organize an IR team
Explore best practices for managing attack situations with your IR team
Form, organize, and operate a product security team to deal with product vulnerabilities and assess their severity
Organize all the entities involved in product security response
Respond to security vulnerabilities using tools developed by Keepnet Labs and Binalyze
I read this book and highly recommend if you are going to organize Incident Response Plan and Procedure.All chapters are explained clearly and widely.Thanks to Erdal Özkaya for such a wonderful source.
Amazon Verified review
BeagleOct 22, 2021
5
I have read many books on cybersecurity, and while I have found many to have some useful information Dr Erdal Ozkaya presents this information in a down to earth realistic matter which allows you to apply the principles which he outlines to real-world scenarios and derive immense and immediate value from this book. I would recommend this book to any cybersecurity professional and especially anyone interested in learning the fundamentals of incident response, there is not a more valuable resource you can find to learn from.
Amazon Verified review
CISOAug 09, 2022
5
This book is a comprehensive guide for any organization to get prepared for the eventuality of a cyberattack. The book covers how to control cybersecurity breaches ,helping you to speed up the recovery time, and minimize the damage costs .As CISO I bought this book not just for my self but also to my team to help them increase their awareness and knowledge based on real life examples covered in the book .Happy reading
Amazon Verified review
Dr. Roderick Arthur - Security Operations at ConfidentialMar 15, 2021
5
I was lucky to receive a review copy of this book, and If you're looking for a better understanding of responding to security incidents in the cloud, read Dr. Ozkaya's "Incident Response in the Age of Cloud!" Dr. Ozkaya uses a step-by-step process, covering everything from key metrics for IR, to IR best practices. Not only are the methods based on the author's own experiences, included are inputs from other industry experts. A must read from incident responders, and easily a five star read.
Amazon Verified review
RDiverMar 20, 2021
5
622 pages ! this is a lot of work and certainly a topic that needs this level of detail. Recommended reading for anyone enhancing their security strategy, building a SOC, consulting for customers, and especially for anyone new to Cyber Security that wants to jump in at the deep-end :)In this book Dr Erdal Ozkaya covers every aspect of Incident response from team composition and methodologies, to incident handling and investigations, including metrics your team can use to improve success rates through continuous practice.This book provides great coverage of how to handle one of the most common forms of incidents: Phishing attacks. There are guides also for several types of IR activities across many workloads. Get hands on with the step by step guidance based on real-life experience and deep expertise from many industry experts.
Dr. Erdal Ozkaya is named among the Top 50 Technology Leaders by CIO Online & IDC. He is a Chief Cybersecurity Strategist and CISO at Xcitium (Comodo Cybersecurity), and a professor at Charles Sturt University. His expertise spans end-to-end IT solutions, management, communications, and innovation. He's a well-known public speaker, an award-winning technical expert, author, and creator of certifications (courseware and exams) for prestigious organizations such as Microsoft, EC Council, CertNexus, and other expert-level vendors with an esteemed list of credits to his name. He is working with an ardent passion for raising cyber awareness and leveraging new, innovative approaches.
Where there is an eBook version of a title available, you can buy it from the book details for that title. Add either the standalone eBook or the eBook and print book bundle to your shopping cart. Your eBook will show in your cart as a product on its own. After completing checkout and payment in the normal way, you will receive your receipt on the screen containing a link to a personalised PDF download file. This link will remain active for 30 days. You can download backup copies of the file by logging in to your account at any time.
If you already have Adobe reader installed, then clicking on the link will download and open the PDF file directly. If you don't, then save the PDF file on your machine and download the Reader to view it.
Please Note: Packt eBooks are non-returnable and non-refundable.
Packt eBook and Licensing When you buy an eBook from Packt Publishing, completing your purchase means you accept the terms of our licence agreement. Please read the full text of the agreement. In it we have tried to balance the need for the ebook to be usable for you the reader with our needs to protect the rights of us as Publishers and of our authors. In summary, the agreement says:
You may make copies of your eBook for your own use onto any machine
You may not pass copies of the eBook on to anyone else
How can I make a purchase on your website?
If you want to purchase a video course, eBook or Bundle (Print+eBook) please follow below steps:
Register on our website using your email address and the password.
Search for the title by name or ISBN using the search option.
Select the title you want to purchase.
Choose the format you wish to purchase the title in; if you order the Print Book, you get a free eBook copy of the same title.
Proceed with the checkout process (payment to be made using Credit Card, Debit Cart, or PayPal)
Where can I access support around an eBook?
If you experience a problem with using or installing Adobe Reader, the contact Adobe directly.
To view the errata for the book, see www.packtpub.com/support and view the pages for the title you have.
To view your account details or to download a new copy of the book go to www.packtpub.com/account
Our eBooks are currently available in a variety of formats such as PDF and ePubs. In the future, this may well change with trends and development in technology, but please note that our PDFs are not Adobe eBook Reader format, which has greater restrictions on security.
You will need to use Adobe Reader v9 or later in order to read Packt's PDF eBooks.
What are the benefits of eBooks?
You can get the information you need immediately
You can easily take them with you on a laptop
You can download them an unlimited number of times
You can print them out
They are copy-paste enabled
They are searchable
There is no password protection
They are lower price than print
They save resources and space
What is an eBook?
Packt eBooks are a complete electronic version of the print edition, available in PDF and ePub formats. Every piece of content down to the page numbering is the same. Because we save the costs of printing and shipping the book to you, we are able to offer eBooks at a lower cost than print editions.
When you have purchased an eBook, simply login to your account and click on the link in Your Download Area. We recommend you saving the file to your hard drive before opening it.
For optimal viewing of our eBooks, we recommend you download and install the free Adobe Reader version 9.