What is Incident Response?
1. Intelligence-Driven Incident Response: Outwitting the Adversary
“Predictive pre-defense” and “prompt and accurate incident response” should be the two key drivers, which makes Intelligence-Driven Incident Response: Outwitting the Adversary one of the most useful books for realizing intelligence-driven incident response.
The book throws light on intelligence as the main vector in the narrative of the IR operational function.
If you are an incident responder, security analyst, or just interested in threat intelligence, this book is for you. The authors give detailed examples of the techniques used to gather intelligence, and how they can be used to better respond to threats. The book is illustrated with real-world examples that will help the reader learn the concepts presented.
Authors: Scott J. Roberts and Rebekah Brown
2. The Practice of Network Security Monitoring
This big-steps book is full of technical information about network monitoring, investigation and analysis of logs, inspecting network packets, and how to build incident response around them.
It is full of explanations of how the NSA has a soft spot for metadata.
This book is about intelligence-driven incident response, which is a very interesting and promising approach to network security.
The book may be most useful if you plan to use the recommended tools to monitor your network.
Author: Richard Bejtlich
3. Reversing: The Secrets of Reverse Engineering
The Secrets of Reverse Engineering is a good introduction to reverse engineering, especially in Microsoft Windows environments.
The book offers some useful tips on:
- x86 assembly code,
- anti-debugging techniques, etc.
It also delves into some often overlooked areas of reversing, such as how to enhance your analysis by reading intermediate objects that are left behind during compilation.
Author: Eldad Eilam
4. The Threat Intelligence Handbook: A Practical Guide for Security Teams to Unlocking the Power of Intelligence
A solid, comprehensive guide without the fluff, this book is a great resource for anyone wanting to learn about cyber threat intelligence.
It’s not overly technical and is a “must read” for CISOs, security managers, IT security practitioners, etc.
- ASIN : B07L7ZH119
- Language : English
Author: Recorded Future
Latest Edition: April 2005
Publisher: CyberEdge Group
5. The Cyber Intelligence Handbook: An Authoritative Guide for the C-Suite, IT Staff, and Intelligence Team
This book is an incredible resource for anyone looking to get started with Cyber Threat Intelligence and to learn how it stops malicious cyber-threat actors from targeting networks and data.
A cyber intelligence guide, this book provides common-sense practices for establishing and growing a Cyber Threat Intelligence process unit.
The author covers the critical components of establishing an intelligence program and how to make it more proactive and responsive to emerging threats. Cyber Threat Intelligence is a rapidly growing field, and this book provides a comprehensive guide to getting started and staying ahead of the curve for the C-Suite, IT Staff, and Intelligence Team.
Author: David M. Cooney Jr.
Publisher: Independently Published
6. Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information
Want to be part of the OSINT ‘game’ and understand the best of would-be detectives?
The book is one of the best resources on open source intelligence techniques. Apt for OSINT beginners and experienced workers who gather digital information, it has dedicated chapters and sections for:
- specialized websites
- and software solutions.