0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Incident Response for Windows

You're reading from Incident Response for Windows Adapt effective strategies for managing sophisticated cyberattacks targeting Windows systems

Product type Paperback

Published in Aug 2024

Publisher Packt

ISBN-13 9781804619322

Length 244 pages

Edition 1st Edition

Concepts

Cybersecurity

Authors (2):

Anatoly Tykushin

Svetlana Ostrovskaya

View More author details

Table of Contents (20) Chapters

Preface

1. Part 1: Understanding the Threat Landscape and Attack Life Cycle

2. Chapter 1: Introduction to the Threat Landscape FREE CHAPTER

3. Chapter 2: Understanding the Attack Life Cycle

4. Part 2: Incident Response Procedures and Endpoint Forensic Evidence Collection

5. Chapter 3: Phases of an Efficient Incident Response on Windows Infrastructure

6. Chapter 4: Endpoint Forensic Evidence Collection

7. Part 3: Incident Analysis and Threat Hunting on Windows Systems

8. Chapter 5: Gaining Access to the Network

9. Chapter 6: Establishing a Foothold

10. Chapter 7: Network and Key Assets Discovery

11. Chapter 8: Network Propagation

12. Chapter 9: Data Collection and Exfiltration

13. Chapter 10: Impact

14. Chapter 11: Threat Hunting and Analysis of TTPs

15. Part 4: Incident Investigation Management and Reporting

16. Chapter 12: Incident Containment, Eradication, and Recovery

17. Chapter 13: Incident Investigation Closure and Reporting

18. Index

Why subscribe?

19. Other Books You May Enjoy

Incident closure

Once the incident is mitigated and there are no intrusion signs remaining, the infrastructure is recovered and ready to return to normal operations.

Let’s have a look at our IR phases diagram in Figure 13.1. Post-incident steps are highlighted by a blue rectangle:

Figure 13.1 – Post-incident phase description

Figure 13.1 – Post-incident phase description

The process seems simple and straightforward; however, it still needs a detailed explanation. Table 13.1 uncovers the inputs, description, and outputs of each action item:

Action

Description of activity

12a. Provide Incident Report

Input(s): Result of incident investigation, containment, recovery phases

Output(s): Incident Report, Lessons Learned

Subject-matter experts (SMEs) or an external IRT (if engaged) prepare the incident report

Prepare a lessons-learned meeting with...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (2)

Tykushin

Tykushin

Anatoly Tykushin is a services director at Group-IB with 6 years of experience in digital forensics, incident response, compromise assessment, and threat hunting. He has created several DFIR training programs in incident response and network forensics, written several blog posts, and contributed to threat research reports. Outside of DFIR, he has a background in IT administration and DevOps, microcontroller unit development in C, and ASM.

See other products by Tykushin

Ostrovskaya

Ostrovskaya

Svetlana Ostrovskaya is a practicing specialist in digital forensics and incident response at Group-IB. She is the author of DFIR training programs and cybersecurity crisis management workshops, and the author and co-author of blog posts, articles, and books on information security, computer forensics, and incident response.

See other products by Ostrovskaya

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m