Incident response with Threat Intelligence

By Roberto Martinez
    Advance your knowledge in tech with a Packt subscription

  • Instant online access to over 7,500+ books and videos
  • Constantly updated with 100+ new titles each month
  • Breadth and depth in over 1,000+ technologies

About this book

With constantly evolving cyber threats, developing a cybersecurity incident response capability to identify and contain threats is indispensable for any organization regardless of its size. This book covers theoretical concepts and a variety of real-life scenarios that will help you to apply these concepts within your organization.

Starting with the basics of incident response, the book introduces you to professional practices and advanced concepts for integrating threat hunting and threat intelligence procedures in the identification, contention, and eradication stages of the incident response cycle. As you progress through the chapters, you'll cover the different aspects of developing an incident response program. You’ll learn the implementation and use of platforms such as TheHive, ELK, and MISP and tools for evidence collection such as Velociraptor and KAPE before getting to grips with the integration of frameworks such as Cyberkill Chain and Mitre ATT&CK for analysis and investigation. You'll also explore methodologies and tools for cyber threat hunting with Sigma and Yara Rules.

By the end of this book, you'll have learned everything you need to respond to cybersecurity incidents using threat intelligence.

Publication date:
February 2022
Publisher
Packt
Pages
316
ISBN
9781801072953

About the Author

  • Roberto Martinez

    Roberto Martinez, works as a Senior Security Researcher at Kaspersky's Global Research and Analysis Team (GReAT) since April 2012, doing research to detect and identify new Security Threats, responding to Security Incidents, and presenting at security events worldwide.

    He also collaborates as an Expert Associate Professor at Tec de Monterrey University and is currently an active member of the HTCIA (High Technology Crime Investigation Association).

    Roberto has more than 15 years of experience in cybersecurity, working in different fields as Offensive Security, Incident Response, Digital Forensic Investigation, Threat Hunting, Threat Intelligence, and Malware Analysis.

    Before this, he worked as a consultant and instructor specializing in security for governments, financial institutions, and private corporations in Latin America.

    Browse publications by this author
Book Title
Unlock this book and the full library for FREE
Start free trial