
Applied Incident Response
Applied Incident Response: A Comprehensive Guide
Applied Incident Response is a thorough resource on incident response, offering effective techniques for handling advanced attacks targeting both local and remote network resources.
The book explores the preparation for incident response
The book explores the preparation of the environment for incident response. It covers the use of MITRE ATT&CK and threat intelligence, the triage of systems, the acquisition and analysis of RAM and disk images, log analysis, malware analysis, detection of lateral movement techniques, threat hunting, and adversary emulation.
The book is a valuable resource for incident responders
This book serves as an essential resource for incident responders, offering a structured approach to implementing incident response techniques and maintaining an advantage over adversaries.
The topics discussed in the book include:
* Preparing the environment for effective incident response
* Utilizing MITRE ATT&CK and threat intelligence
* Conducting both local and remote triage of systems
* Acquiring and analyzing RAM and disk images
* Performing log analysis and aggregating high-value logs
* Analyzing malware
* Detecting and responding to lateral movement techniques
* Engaging in threat hunting and adversary emulation