Incident Response with Threat Intelligence: Practical insights into developing an incident response capability through intelligence-based threat hunting

Incident Response with Threat Intelligence: Practical insights into developing an incident response capability through intelligence-based threat hunting

  • Downloads:6994
  • Type:Epub+TxT+PDF+Mobi
  • Create Date:2022-08-16 06:51:54
  • Update Date:2025-09-07
  • Status:finish
  • Author:Roberto Martínez
  • ISBN:1801072957
  • Environment:PC/Android/iPhone/iPad/Kindle
  • Download

Summary

With constantly evolving cyber threats, developing a cybersecurity incident response capability to identify and contain threats is indispensable for any organization regardless of its size。 This book covers theoretical concepts and a variety of real-life scenarios that will help you to apply these concepts within your organization。

Starting with the basics of incident response, the book introduces you to professional practices and advanced concepts for integrating threat hunting and threat intelligence procedures in the identification, contention, and eradication stages of the incident response cycle。 As you progress through the chapters, you'll cover the different aspects of developing an incident response program。 You'll learn the implementation and use of platforms such as TheHive and ELK and tools for evidence collection such as Velociraptor and KAPE before getting to grips with the integration of frameworks such as Cyber Kill Chain and MITRE ATT&CK for analysis and investigation。 You'll also explore methodologies and tools for cyber threat hunting with Sigma and YARA rules。

By the end of this book, you'll have learned everything you need to respond to cybersecurity incidents using threat intelligence。

Download

Reviews

C

I focused on the threat intel content and skimmed the incident response content, which is the larger portion of the book。 The book is heavy on practical usage, with step-by-step instructions for installing and using many tools, plus screenshots。 Each chapter ends with links to further reading。 You can find the book's digital resources on GitHub。NotesIoCs are evidence of compromise studied after an attack (hashes, IP addresses, domain names, registry entries, etc。)。 IoAs are observed malicious be I focused on the threat intel content and skimmed the incident response content, which is the larger portion of the book。 The book is heavy on practical usage, with step-by-step instructions for installing and using many tools, plus screenshots。 Each chapter ends with links to further reading。 You can find the book's digital resources on GitHub。NotesIoCs are evidence of compromise studied after an attack (hashes, IP addresses, domain names, registry entries, etc。)。 IoAs are observed malicious behavior studied before or during an attack (TTPs)。Report Template for Threat Intelligence and Incident Response 。。。more

Reference

google book https://www.google.com/search?tbm=bks&q=Incident Response with Threat Intelligence: Practical insights into developing an incident response capability through intelligence-based threat hunting

hathitrust digital library https://babel.hathitrust.org/cgi/ls?q1=Incident Response with Threat Intelligence: Practical insights into developing an incident response capability through intelligence-based threat hunting&field1=ocr&a=srchls&ft=ft&lmt=ft

The British Library https://bll01.primo.exlibrisgroup.com/discovery/search?query=any,contains,Incident Response with Threat Intelligence: Practical insights into developing an incident response capability through intelligence-based threat hunting&tab=LibraryCatalog&search_scope=Not_BL_Suppress&vid=44BL_INST:BLL01&lang=en&offset=0