Any good attacker will tell you that expensive security monitoring and prevention tools aren’t enough to keep you secure. This practical book demonstrates a data-centric approach to distilling complex security monitoring, incident response, and threat analysis ideas into their most basic elements. You’ll learn how to develop your own threat intelligence and incident detection strategy, rather than depend on security tools alone.
Written by members of Cisco’s Computer Security Incident Response Team, this book shows IT and information security professionals how to create an InfoSec playbook by developing strategy, technique, and architecture.
Learn incident response fundamentals—and the importance of getting back to basics
Understand threats you face and what you should be protecting
Collect, mine, organize, and analyze as many relevant data sources as possible
Build your own playbook of repeatable methods for security monitoring and response
Learn how to put your plan into action and keep it running smoothly
Select the right monitoring and detection tools for your environment
Develop queries to help you sort through data and create valuable reports
Know what actions to take during the incident response phase
Book year: 2015
Book pages: 276
Book language: en
File size: 10.20 MB
File type: pdf
Published: 04 February 2019 - 20:54