Detect and investigate various cyber threats and techniques carried out by malicious actors by analyzing logs generated from different sources
Effective threat investigation requires strong technical expertise, analytical skills, and a deep understanding of cyber threats and attacker techniques. It’s a crucial skill for SOC analysts, enabling them to analyze different threats and identify security incident origins. This book provides insights into the most common cyber threats and various attacker techniques to help you hone your incident investigation skills.
The book begins by explaining phishing and email attack types and how to detect and investigate them, along with Microsoft log types such as Security, System, PowerShell, and their events. Next, you’ll learn how to detect and investigate attackers’ techniques and malicious activities within Windows environments. As you make progress, you’ll find out how to analyze the firewalls, flows, and proxy logs, as well as detect and investigate cyber threats using various security solution alerts, including EDR, IPS, and IDS. You’ll also explore popular threat intelligence platforms such as VirusTotal, AbuseIPDB, and X-Force for investigating cyber threats and successfully build your own sandbox environment for effective malware analysis.
By the end of this book, you’ll have learned how to analyze popular systems and security appliance logs that exist in any environment and explore various attackers’ techniques to detect and investigate them with ease.
This book is for Security Operation Center (SOC) analysts, security professionals, cybersecurity incident investigators, incident handlers, incident responders, or anyone looking to explore attacker techniques and delve deeper into detecting and investigating attacks. If you want to efficiently detect and investigate cyberattacks by analyzing logs generated from different log sources, then this is the book for you. Basic knowledge of cybersecurity and networking domains and entry-level security concepts are necessary to get the most out of this book.
1、本站所有分享材料(数据、资料)均为网友上传,如有侵犯您的任何权利,请您第一时间通过微信(lib99net)、QQ(24661067)、电话(17898078618)联系本站,本站将在24小时内回复您的诉求!谢谢!
2、本站所有商品,除特殊说明外,均为(电子版)Ebook,请购买分享内容前请务必注意。特殊商品有说明实物的,按照说明为准。
1、自动:在上方保障服务中标有自动发货的宝贝,拍下后,将会自动收到来自卖家的宝贝获取(下载)链接;
2、手动:未标有自动发货的的宝贝,拍下后,卖家会收到邮件、短信提醒,也可通过QQ或订单中的电话联系对方。
1、描述:书籍描述(含标题)与实际不一致的(例:描述PDF,实际为epub、缺页少页、版本不符等);
2、链接:部分图书会给出链接,直接链接到官网或者其他站点,以便于提示,如与给出不符等;
3、发货:手动发货书籍,在卖家未发货前,已申请退款的;
4、其他:如质量方面的硬性常规问题等。
注:经核实符合上述任一,均支持退款,但卖家予以积极解决问题则除外。交易中的商品,卖家无法对描述进行修改!
1、在未购买下前,双方在QQ上所商定的内容,亦可成为纠纷评判依据(商定与描述冲突时,商定为准);
2、在宝贝同时有网站演示与图片演示,且站演与图演不一致时,默认按图演作为纠纷评判依据(特别声明或有商定除外);
3、在没有"无任何正当退款依据"的前提下,写有"一旦售出,概不支持退款"等类似的声明,视为无效声明;
4、虽然交易产生纠纷的几率很小,但请尽量保留如聊天记录这样的重要信息,以防产生纠纷时便于网站工作人员介入快速处理。