Using a well-conceived incident response plan in the aftermath of an online security breach enables your team to identify attackers and learn how they operate. But, only when you approach incident response with a cyber threat intelligence mindset will you truly understand the value of that information. With this practical guide, you'll learn the fundamentals of intelligence analysis, as well as the best ways to incorporate these techniques into your incident response process. Each method reinforces the other: threat intelligence supports and augments incident response, while incident response generates useful threat intelligence. This book helps incident managers, malware analysts, reverse engineers, digital forensics specialists, and intelligence analysts understand, implement, and benefit from this relationship. In three parts, this in-depth book includes: The fundamentals: get an introduction to cyber threat intelligence, the intelligence process, the incident-response process, and how they all work together Practical application: walk through the intelligence-driven incident response (IDIR) process using the F3EAD process-Find, Fix Finish, Exploit, Analyze, and Disseminate The way forward: explore big-picture aspects of IDIR that go beyond individual incident-response investigations, including intelligence team building
Les mer
With this practical guide, incident managers, malware analysts, reverse engineers, digital forensics specialists, and intelligence analysts will learn the fundamentals of intelligence analysis, as well as the best ways to incorporate these techniques into your incident response process.
Les mer

Produktdetaljer

ISBN
9781491934944
Publisert
2017-07-25
Utgiver
Vendor
O'Reilly Media
Vekt
666 gr
Høyde
250 mm
Bredde
150 mm
Dybde
15 mm
Aldersnivå
P, 06
Språk
Product language
Engelsk
Format
Product format
Heftet
Antall sider
256

Forfatter

Biographical note

Scott J Roberts works for GitHub and makes up his title every time he's asked, so we'll say he's the Director of Bad Guy Catching. He has worked for 900lbs security gorillas, government security giants & boutiques, and financial services security firms and done his best to track down bad guys at all these places. He's released and contributed to multiple tools for threat intelligence and malware analysis. Scott is also really good at speaking in the 3rd person. Kyle Maxwell is a threat intelligence analyst supporting private sector clients across the globe. He has contributed to several public reports on data breach analysis and frequently speaks & writes at conferences around the United States and Latin America. Previously, he led the incident response team at a large payment processor and performed digital forensics for clients across the United States at several private investigation firms. Mr. Maxwell holds a degree in Mathematics from the University of Texas at Dallas.