Деталі електронної книги

Incident Response with Threat Intelligence. Practical insights into developing an incident response capability through intelligence-based threat hunting

Incident Response with Threat Intelligence. Practical insights into developing an incident response capability through intelligence-based threat hunting

Roberto Martinez

Eлектронна книга
Купуйте видання на ebookpoint.pl
With constantly evolving cyber threats, developing a cybersecurity incident response capability to identify and contain threats is indispensable for any organization regardless of its size. This book covers theoretical concepts and a variety of real-life scenarios that will help you to apply these concepts within your organization.
Starting with the basics of incident response, the book introduces you to professional practices and advanced concepts for integrating threat hunting and threat intelligence procedures in the identification, contention, and eradication stages of the incident response cycle. As you progress through the chapters, you'll cover the different aspects of developing an incident response program. You'll learn the implementation and use of platforms such as TheHive and ELK and tools for evidence collection such as Velociraptor and KAPE before getting to grips with the integration of frameworks such as Cyber Kill Chain and MITRE ATT&CK for analysis and investigation. You'll also explore methodologies and tools for cyber threat hunting with Sigma and YARA rules.
By the end of this book, you'll have learned everything you need to respond to cybersecurity incidents using threat intelligence.
  • 1. Threat Landscape and Cybersecurity Incidents
  • 2. Concepts of Digital Forensics and Incident Response
  • 3. Basics of the Incident Response and Triage Procedures
  • 4. Applying First Response Procedures
  • 5. Identifying and Profiling Threat Actors
  • 6. Understanding the Cyber Kill Chain and the MITRE ATT&CK Framework
  • 7. Using Cyber Threat Intelligence in Incident Response
  • 8. Building an Incident Response Capability
  • 9. Creating Incident Response Plans and Playbooks
  • 10. Implementing an Incident Management System
  • 11. Integrating SOAR Capabilities into Incident Response
  • 12. Working with Analytics and Detection Engineering in Incident Response
  • 13. Creating and Deploying Detection Rules
  • 14. Hunting and Investigating Security Incidents
  • Назва: Incident Response with Threat Intelligence. Practical insights into developing an incident response capability through intelligence-based threat hunting
  • Автор: Roberto Martinez
  • Оригінальна назва: Incident Response with Threat Intelligence. Practical insights into developing an incident response capability through intelligence-based threat hunting
  • ISBN: 9781801070997, 9781801070997
  • Дата видання: 2022-06-24
  • Формат: Eлектронна книга
  • Ідентифікатор видання: e_2t36
  • Видавець: Packt Publishing