Behavioral task: behavioral1
Sample: Incident Response in the Age of Cloud Techniques and best practices to effectively respond to cybers.pdf
Resource: win7-20220901-en

Behavioral task: behavioral2
Sample: Incident Response in the Age of Cloud Techniques and best practices to effectively respond to cybers.pdf
Resource: win10v2004-20220812-en

General
Target: Incident Response in the Age of Cloud Techniques and best practices to effectively respond to cybersecurity incidents (Erdal Ozkaya).pdf
Size: 40.6MB
MD5: e42ff3dc29d98d01e72198f6fd6f0edf
SHA1: e12e3cdace48a7ca82252ad8c1d9724fc28bd03e
SHA256: ad9a997727e3fefa9b58b8b823e25bd7f6e01c116ea4cfaa1d836cea8f537ce3
SHA512: d1f4de87f15fb06cbf7781c592d6a499531cd5feb0deef5e7f4a4109534a9137f68215a46476b1da002274f8644787ad77f34070e1cf22e74b59ac9620c4f7ba
SSDEEP: 786432:h567tCUNCKybR4iHo5b44NSV53FiNvFv6ON1Mq3hYCMMHSSLG4iU4WA6xa:X0nqgFNSVLGFvNSq3hVnVLG453s

Malware Config
Signatures
Files
Incident Response in the Age of Cloud Techniques and best practices to effectively respond to cybersecurity incidents (Erdal Ozkaya).pdf.pdf