0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Incident Response for Windows

You're reading from Incident Response for Windows Adapt effective strategies for managing sophisticated cyberattacks targeting Windows systems

Product type Paperback

Published in Aug 2024

Publisher Packt

ISBN-13 9781804619322

Length 244 pages

Edition 1st Edition

Concepts

Cybersecurity

Authors (2):

Anatoly Tykushin

Svetlana Ostrovskaya

View More author details

Table of Contents (20) Chapters

Preface

1. Part 1: Understanding the Threat Landscape and Attack Life Cycle

2. Chapter 1: Introduction to the Threat Landscape FREE CHAPTER

3. Chapter 2: Understanding the Attack Life Cycle

4. Part 2: Incident Response Procedures and Endpoint Forensic Evidence Collection

5. Chapter 3: Phases of an Efficient Incident Response on Windows Infrastructure

6. Chapter 4: Endpoint Forensic Evidence Collection

7. Part 3: Incident Analysis and Threat Hunting on Windows Systems

8. Chapter 5: Gaining Access to the Network

9. Chapter 6: Establishing a Foothold

10. Chapter 7: Network and Key Assets Discovery

11. Chapter 8: Network Propagation

12. Chapter 9: Data Collection and Exfiltration

13. Chapter 10: Impact

14. Chapter 11: Threat Hunting and Analysis of TTPs

15. Part 4: Incident Investigation Management and Reporting

16. Chapter 12: Incident Containment, Eradication, and Recovery

17. Chapter 13: Incident Investigation Closure and Reporting

18. Index

Why subscribe?

19. Other Books You May Enjoy

Threat Hunting and Analysis of TTPs

In Chapter 3, the section on detection and analysis covered many possible cybersecurity incident discovery methods. Alerts from security controls, notifications from internal teams on suspicious behavior, and external notifications from subcontractors, counterparties, law enforcement agencies, and cyber threat intelligence cybersecurity vendors still don’t guarantee a holistic defense. Since 2017, the cybersecurity community began a new trend in proactive cyber threat discovery by applying the threat hunting process. Many vendors have tried to scrape this idea by misleading their clients using marketing tricks. It resulted in a lot of companies pulling IoCs from cyber threat intelligence providers, applying them to their security controls such as SIEM, AV, EDR, and Next-Generation Firewalls (NGFW) for retrospective scanning of the collected telemetry and calling it threat hunting.

However, it’s a big misconception. So, what is true...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at AU $24.99/month. Cancel anytime

Authors (2)

Tykushin

Tykushin

Anatoly Tykushin is a services director at Group-IB with 6 years of experience in digital forensics, incident response, compromise assessment, and threat hunting. He has created several DFIR training programs in incident response and network forensics, written several blog posts, and contributed to threat research reports. Outside of DFIR, he has a background in IT administration and DevOps, microcontroller unit development in C, and ASM.

See other products by Tykushin

Ostrovskaya

Ostrovskaya

Svetlana Ostrovskaya is a practicing specialist in digital forensics and incident response at Group-IB. She is the author of DFIR training programs and cybersecurity crisis management workshops, and the author and co-author of blog posts, articles, and books on information security, computer forensics, and incident response.

See other products by Ostrovskaya

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m