Effective threat investigation requires strong technical expertise, analytical skills, and a deep understanding of cyber threats and attacker techniques. It's a crucial skill for SOC analysts, enabling them to analyze different threats and identify security incident origins. This book provides insights into the most common cyber threats and various attacker techniques to help you hone your incident investigation skills.
The book begins by explaining phishing and email attack types and how to detect and investigate them, along with Microsoft log types such as Security, System, PowerShell, and their events. Next, you’ll learn how to detect and investigate attackers' techniques and malicious activities within Windows environments. As you make progress, you’ll find out how to analyze the firewalls, flows, and proxy logs, as well as detect and investigate cyber threats using various security solution alerts, including EDR, IPS, and IDS. You’ll also explore popular threat intelligence platforms such as VirusTotal, AbuseIPDB, and X-Force for investigating cyber threats and successfully build your own sandbox environment for effective malware analysis.
By the end of this book, you’ll have learned how to analyze popular systems and security appliance logs that exist in any environment and explore various attackers' techniques to detect and investigate them with ease.

Osoby które kupowały "Effective Threat Investigation for SOC Analysts. The ultimate guide to examining various threats and attacker techniques using security logs", wybierały także:

• Cisco CCNA 200-301. Kurs video. Administrowanie bezpieczeÅ„stwem sieci. Część 3 665,00 zÅ‚, (39,90 zÅ‚ -94%)
• Cisco CCNA 200-301. Kurs video. Administrowanie urzÄ…dzeniami Cisco. Część 2 665,00 zÅ‚, (39,90 zÅ‚ -94%)
• Cisco CCNA 200-301. Kurs video. Podstawy sieci komputerowych i konfiguracji. Część 1 665,00 zÅ‚, (39,90 zÅ‚ -94%)
• Cisco CCNP Enterprise 350-401 ENCOR. Kurs video. Programowanie i automatyzacja sieci 443,33 zÅ‚, (39,90 zÅ‚ -91%)
• CCNP Enterprise 350-401 ENCOR. Kurs video. Mechanizmy kierowania ruchem pakiet 443,33 zÅ‚, (39,90 zÅ‚ -91%)

Spis treści

Effective Threat Investigation for SOC Analysts. The ultimate guide to examining various threats and attacker techniques using security logs eBook -- spis treści

• 1. Investigating Email Threats
• 2. Email Flow and Header Analysis
• 3. Introduction to Windows Event Logs
• 4. Tracking Accounts Login and Management
• 5. Investigating Suspicious Process Execution Using Windows Event Logs
• 6. Investigating PowerShell Event Logs
• 7. Investigating Persistence and Lateral Movement Using Windows Event Logs
• 8. Network Firewall Logs Analysis
• 9. Investigating Cyber Threats by Using the Firewall Logs
• 10. Web Proxy Logs Analysis
• 11. Investigating Suspicious Outbound Communications (C&C Communications) by Using Proxy Logs
• 12. Investigating External Threats
• 13. Investigating Network Flows and Security Solutions Alerts
• 14. Threat Intelligence in a SOC Analyst's Day
• 15. Malware Sandboxing – Building a Malware Sandbox