The wave of ransomware attacks has highlighted many areas of information security, and one of them is incident response. When a company is locked out of its data, knowing how to respond is crucial. By the time most organizations discover they are victims, it is far too late to create a formal incident response plan. Being reactive to a security incident only prolongs the incident, increases the damage, and may, in fact, leave the organization in violation of contracts and regulations.
In 2021 it should be pretty obvious that every organization needs an incident response plan. The only question is why so many firms wait until they have an active incident to start thinking about how they need a plan. It is like trying to buy flood insurance in the days before a hurricane. Many people believe they can do it, only to find there is a 30-day period before the policy becomes active, and they have zero protection against the damages of the hurricane in their midst.
Applied Incident Response provides a more technical approach to the topic. Anson focuses heavily on tools, including those for forensic analysis. He gives a highly detailed approach to responding to an incident and describes methods to avoid becoming a victim in the first place. This book is written for the security engineer or network analyst who needs to perform malware analysis, threat hunting, forensic evidence gathering, and more. Incident responders dealing with an actual incident will find this book an invaluable resource.
The book shows how to create an incident response team, what its tasks are, and how to deal with the myriad issues that arise when the plan needs to be put into action. He also covers the legal issues that may need to be dealt with in the event of a breach. While many companies focus on stopping the breach, they also need to consider how to secure forensic evidence so it can be used if the organization wants to pursue legal action against the attackers.