MAKE YOUR TOUGH JOB EASIER WITH THE FREE RESOURCES WE PROVIDE

Lateral Movement Analysis / Event Log Analysis / Memory Analysis and more

ATTEND TRAINING WITH APPLIED INCIDENT RESPONSE AUTHOR STEVE ANSON

APPLIED INCIDENT RESPONSE

Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary.

Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including:

  • Preparing your environment for effective incident response;
  • Leveraging MITRE ATT&CK and threat intelligence for active network defense;
  • Local and remote triage of systems using PowerShell, WMIC, and open-source tools;
  • Acquiring RAM and disk images locally and remotely;
  • Analyzing RAM with Volatility and Rekall;
  • Deep-dive forensic analysis of system drives using open-source or commercial tools;

STEVE ANSON

Steve Anson is a Certified Instructor with the SANS Institute and co-founder of Forward Defense, a leading IT security and incident response company headquartered in Abu Dhabi.

Previously, he served as a special agent with the US Department of Defense and on an FBI Cyber Crime Task Force, leading complex investigations into cyber-related offences including network intrusion incidents, terrorism, fraud and crimes against children. Steve also served as an instructor at the FBI Academy and for the US Department of State, providing network intrusion investigation and digital forensics training to thousands of students from US law enforcement agencies as well as national police, prosecutors and judges from dozens of countries.

Throughout his career, Steve has received a number of industry credentials, including Certified Information Systems Security Professional (CISSP), EnCase Certified Examiner (EnCE), Cellebrite Certified Mobile Examiner (CCME), US Department of Defense Certified Computer Crime Investigator and US Federal Law Enforcement Training Center Seized Computer Evidence Recovery Specialist (SCERS). He has served as an Adjunct Professor for George Washington University's Master of Computer Forensics program, is a certified Lead Assessor for laboratory competence in ISO 17025:2005 with the American Association for Laboratory Accreditation, and is the co-author of Mastering Windows Network Forensics and Investigations from Wiley Publishing.

Copyright © APPLIED INCIDENT RESPONSE. All Rights Reserved.