Hands-on Incident Response and Digital Forensics
Incident response and digital forensics require a balancing act to get right, but both are essential when an information sec…
Incident Response in the Cloud
Moving from on-premises deployments to the cloud can offer incredible benefits to many organizations, including a plethora o…
Hunt Evil: Your Practical Guide to Threat Hunting
This eBook will guide you through how to assess and improve your threat hunting capabilities, how to prioritize what to hunt…
Open-Source DFIR Made Easy: The Setup
A common challenge in the digital forensics and incident response (DFIR) community has been creating a DFIR toolkit that is …
Memory Acquisition and Virtual Secure Mode
Jason Hale has published a post about the impact of VBS on memory acqusition. With Windows 10 and Server 2016, Microsoft add…
An Academic’s View to Incident Response
Here is a talk by Martin Schmiedecker from SHA2017 on incident response: SHA2017 is a non profit outdoor Hacker camp/confere…
An Introduction to VolUtility
Basil Alawi S.Taher has posted a nice overview of how to start using VolUtility – a web frontend for Volatility framew…
Windows IR made easier and faster – Find the head of the snake using AutoRuns, Large Registry Keys, Logs, IP/WhoIs and Netflow
Windows systems are still king of the desktop and server operating systems, thus the #1 target of hackers, malware, ransomwa…
Ten Ways to Prepare for Incident Response
McAfee has published a white paper by Jim Olmstead, Senior Consultant, Incident Response and Forensic Practice Foundstone® S…
Cyber Threat Intelligence Summit 2017
SANS has published 16 videos from Cyber Threat Intelligence Summit 2017. All videos are available for free at SANS Digital F…
