Incident Response for Windows. Adapt effective strategies for managing sophisticated cyberattacks targeting Windows systems

Anatoly Tykushin, Svetlana Ostrovskaya, Dmitry Volkov

Cybersecurity threats are constantly evolving, posing serious risks to organizations. Incident Response for Windows, by cybersecurity experts Anatoly Tykushin and Svetlana Ostrovskaya, provides a practical hands-on guide to mitigating threats in Windows environments, drawing from their real-world experience in incident response and digital forensics.Designed for cybersecurity professionals, IT administrators, and digital forensics practitioners, the book covers the stages of modern cyberattacks, including reconnaissance, infiltration, network propagation, and data exfiltration. It takes a step-by-step approach to incident response, from preparation and detection to containment, eradication, and recovery. You will also explore Windows endpoint forensic evidence and essential tools for gaining visibility into Windows infrastructure. The final chapters focus on threat hunting and proactive strategies to identify cyber incidents before they escalate.By the end of this book, you will gain expertise in forensic evidence collection, threat hunting, containment, eradication, and recovery, equipping them to detect, analyze, and respond to cyber threats while strengthening your organization's security posture

Incident Response in the Age of Cloud. Techniques and best practices to effectively respond to cybersecurity incidents

Dr. Erdal Ozkaya

Cybercriminals are always in search of new methods to infiltrate systems. Quickly responding to an incident will help organizations minimize losses, decrease vulnerabilities, and rebuild services and processes.In the wake of the COVID-19 pandemic, with most organizations gravitating towards remote working and cloud computing, this book uses frameworks such as MITRE ATT&CK® and the SANS IR model to assess security risks.The book begins by introducing you to the cybersecurity landscape and explaining why IR matters. You will understand the evolution of IR, current challenges, key metrics, and the composition of an IR team, along with an array of methods and tools used in an effective IR process. You will then learn how to apply these strategies, with discussions on incident alerting, handling, investigation, recovery, and reporting.Further, you will cover governing IR on multiple platforms and sharing cyber threat intelligence and the procedures involved in IR in the cloud. Finally, the book concludes with an “Ask the Experts” chapter wherein industry experts have provided their perspective on diverse topics in the IR sphere.By the end of this book, you should become proficient at building and applying IR strategies pre-emptively and confidently.

Incident Response Techniques for Ransomware Attacks. Understand modern ransomware attacks and build an incident response strategy to work through them

Oleg Skulkin

Ransomware attacks have become the strongest and most persistent threat for many companies around the globe. Building an effective incident response plan to prevent a ransomware attack is crucial and may help you avoid heavy losses. Incident Response Techniques for Ransomware Attacks is designed to help you do just that.This book starts by discussing the history of ransomware, showing you how the threat landscape has changed over the years, while also covering the process of incident response in detail. You’ll then learn how to collect and produce ransomware-related cyber threat intelligence and look at threat actor tactics, techniques, and procedures. Next, the book focuses on various forensic artifacts in order to reconstruct each stage of a human-operated ransomware attack life cycle. In the concluding chapters, you’ll get to grips with various kill chains and discover a new one: the Unified Ransomware Kill Chain.By the end of this ransomware book, you’ll be equipped with the skills you need to build an incident response strategy for all ransomware attacks.

Incident Response with Threat Intelligence. Practical insights into developing an incident response capability through intelligence-based threat hunting

Roberto Martinez

With constantly evolving cyber threats, developing a cybersecurity incident response capability to identify and contain threats is indispensable for any organization regardless of its size. This book covers theoretical concepts and a variety of real-life scenarios that will help you to apply these concepts within your organization.Starting with the basics of incident response, the book introduces you to professional practices and advanced concepts for integrating threat hunting and threat intelligence procedures in the identification, contention, and eradication stages of the incident response cycle. As you progress through the chapters, you'll cover the different aspects of developing an incident response program. You'll learn the implementation and use of platforms such as TheHive and ELK and tools for evidence collection such as Velociraptor and KAPE before getting to grips with the integration of frameworks such as Cyber Kill Chain and MITRE ATT&CK for analysis and investigation. You'll also explore methodologies and tools for cyber threat hunting with Sigma and YARA rules.By the end of this book, you'll have learned everything you need to respond to cybersecurity incidents using threat intelligence.

Increasing Autodesk Revit Productivity for BIM Projects. A practical guide to using Revit workflows to improve productivity and efficiency in BIM projects

Fabio Roberti, Decio Ferreira

Increasing Autodesk Revit Productivity for BIM Projects takes a hands-on approach to implementing Revit effectively for everyone curious about this new and exciting methodology.Complete with step-by-step explanations of essential concepts and practical examples, this Revit book begins by explaining the principles of productivity in Revit and data management for BIM projects. You'll get to grips with the primary BIM documentation to start a BIM project, including the contract, Exchange Information Requirements (EIR), and BIM Execution Plan (BEP/BXP). Later, you'll create a Revit template, start a Revit project, and explore the core functionalities of Revit to increase productivity. Once you've built the foundation, you'll learn about Revit plugins and use Dynamo for visual programming and Power BI for analyzing BIM information.By the end of this book, you'll have a solid understanding of Revit as construction and design software, how to increase productivity in Revit, and how to apply multiple workflows in your project to manage BIM.

Industrial Cybersecurity. Efficiently monitor the cybersecurity posture of your ICS environment - Second Edition

Pascal Ackerman

With Industrial Control Systems (ICS) expanding into traditional IT space and even into the cloud, the attack surface of ICS environments has increased significantly, making it crucial to recognize your ICS vulnerabilities and implement advanced techniques for monitoring and defending against rapidly evolving cyber threats to critical infrastructure. This second edition covers the updated Industrial Demilitarized Zone (IDMZ) architecture and shows you how to implement, verify, and monitor a holistic security program for your ICS environment.You'll begin by learning how to design security-oriented architecture that allows you to implement the tools, techniques, and activities covered in this book effectively and easily. You'll get to grips with the monitoring, tracking, and trending (visualizing) and procedures of ICS cybersecurity risks as well as understand the overall security program and posture/hygiene of the ICS environment. The book then introduces you to threat hunting principles, tools, and techniques to help you identify malicious activity successfully. Finally, you'll work with incident response and incident recovery tools and techniques in an ICS environment.By the end of this book, you'll have gained a solid understanding of industrial cybersecurity monitoring, assessments, incident response activities, as well as threat hunting.

Industrial Cybersecurity. Efficiently secure critical infrastructure systems

Pascal Ackerman

With industries expanding, cyber attacks have increased significantly. Understanding your control system’s vulnerabilities and learning techniques to defend critical infrastructure systems from cyber threats is increasingly important. With the help of real-world use cases, this book will teach you the methodologies and security measures necessary to protect critical infrastructure systems and will get you up to speed with identifying unique challenges.Industrial cybersecurity begins by introducing Industrial Control System (ICS) technology, including ICS architectures, communication media, and protocols. This is followed by a presentation on ICS (in) security. After presenting an ICS-related attack scenario, securing of the ICS is discussed, including topics such as network segmentation, defense-in-depth strategies, and protective solutions. Along with practical examples for protecting industrial control systems, this book details security assessments, risk management, and security program development. It also covers essential cybersecurity aspects, such as threat detection and access management. Topics related to endpoint hardening such as monitoring, updating, and anti-malware implementations are also discussed.

Industrial Internet Application Development. Simplify IIoT development using public cloud and native cloud services

Alena Traukina, Jayant Thomas, Prashant Tyagi, Veera Kishore Reddipalli

The Industrial Internet refers to the integration of complex physical machines with networked sensors and software. The growth in the number of sensors used in industrial machinery has led to an exponential increase in data being captured for predictive analytics.Industrial Internet Application Development is a practical guide for developers who want to create applications that leverage the full capabilities of IIoT. You will get started by learning how to develop your first IIoT application and understanding its deployment and security. Once you’re familiar with what IIoT is, you will move on to exploring Edge Development along with the analytics aspect of the IIoT stack. In later chapters, you’ll get to grips with the deployment of IIoT applications on the Predix platform. As you cover these concepts, you’ll be able to identify key elements of the development framework and understand their importance while considering architecture and design for IIoT applications.By the end of this book, you will have the skills you need to deploy IIoT applications on the Predix platform and incorporate best practices for developing fault-tolerant and reliable IIoT systems.