Applied Incident Response 1st Edition

Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary. Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including:

  • Preparing your environment for effective incident response
  • Leveraging MITRE ATT&CK and threat intelligence for active network defense
  • Local and remote triage of systems using PowerShell, WMIC, and open-source tools
  • Acquiring RAM and disk images locally and remotely
  • Analyzing RAM with Volatility and Rekall
  • Deep-dive forensic analysis of system drives using open-source or commercial tools
  • Leveraging Security Onion and Elastic Stack for network security monitoring
  • Techniques for log analysis and aggregating high-value logs
  • Static and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo Sandbox
  • Detecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of PowerShell, and many more
  • Effective threat hunting techniques
  • Adversary emulation with Atomic Red Team
  • Improving preventive and detective controls

Editorial Reviews

From the Inside Flap

DEFEND YOUR NETWORK WITH IMMEDIATELY APPLICABLE INCIDENT RESPONSE SKILLS

Incident response is critical for the active defense of any network, and incident responders need up-to-date, actionable techniques with which to engage the adversary. Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response methods and a framework through which to implement them. Drawing on the author's experience investigating intrusions for the FBI, US Department of Defense (DoD), and many international organizations, this authoritative book covers the core skills needed for incident handling and active network defense, including triaging systems, acquiring memory, imaging disks, collecting network data, log analysis, memory forensics, disk forensics, network security monitoring, adversary emulation, threat hunting, and more. Examples focus on free and open-source tools, but introduce commercial alternatives as well.

About the author

Steve Anson

Steve Anson is the cofounder of Informed Defense and a Principal Instructor with the SANS Institute. He has previously served as a police officer, FBI High Tech Crimes Task Force agent, Special Agent with the U.S. DoD, and an instructor with the U.S. State Department Antiterrorism Assistance Program (ATA). He has trained thousands of law enforcement officers around the world in techniques of digital forensics and investigation.

Customer reviews

4.7 out of 5 stars
222 global ratings

4 out of 5 stars. Very good IR book, but terrible print quality.
Some pages stick together (look at attachment).

Top reviews from the United States

  • Reviewed in the United States on March 17, 2020
    Format: Kindle. Verified Purchase
    This book is a bit of an anomaly. Ever since I purchased "Mastering Windows Network Forensics and Investigation" (1st and 2nd editions) years ago, I've been curious as to why the author hadn't published anything further. I was excited to see this book announced and even more so, after having read it, to learn that my anticipation was not in vain. This book is the most valuable book on DFIR that I've ever found. The coverage is comprehensive, thorough, and covers many of the latest "cutting edge" DFIR techniques. With that said, this book is an anomaly in that it is so very valuable but seems to be, as of yet, still widely unknown to the cybersecurity community. I would encourage anyone in (or even interested in) the cybersecurity field to purchase this book and study it thoroughly. Personally, this book is easily near the top of my list of favorites and I will be amazed if it doesn't hold its title as the most valuable cybersecurity book that I've read this year.
    10 people found this helpful
  • Reviewed in the United States on June 4, 2020
    Format: Paperback. Verified Purchase
    I have been performing assessments at a Federal Agency for about 4 years; time for a change. So I ordered Applied Incident Response, have read about 5 chapters, and have been very happy with the book. The author is clearly knowledgeable, an "expert" in the subject matter, but many experts write poorly. Steve Anson writes with great clarity, which makes reading/learning a pleasure. Additionally, the book is filled with detailed links to tools, articles, books ... to supplement the book. The examples of tools, e.g., Security Onion, the corresponding screenshots and text are perfectly in sync and easy to follow. Great technical content and the book is a pleasure to read.
    6 people found this helpful
  • Reviewed in the United States on April 29, 2020
    Format: Paperback. Verified Purchase
    I'm currently enrolled in SANS504 and was looking for some material to supplement my course. I was a little hesitant to purchase this book with it being recently published and not having a ton of reviews. I'm so glad I decided to purchase it! This book is very thorough and you will be a better security professional after reading this. The content of this book is outstanding and complements the SANS material quite nicely. Highly recommended!
    5 people found this helpful
  • Reviewed in the United States on July 14, 2020
    Format: Paperback. Verified Purchase
    So I haven't had the chance to read it yet (heard really good things about this book!) but the book came somewhat damaged on the front cover. There are some scratches around the cover of the book and it appears a bit bent between the "E" in Incident and the "N" in Response. Still OK that it came in one piece haha.
  • Reviewed in the United States on August 23, 2022
    Format: Paperback. Verified Purchase
    A must have, time tested and useful in difficult situations. Of course, if you get where I’m going with that comment. Simplified, even the Exec’s understand it and that’s a huge win when budget season comes.
  • Reviewed in the United States on March 12, 2020
    Format: Paperback. Verified Purchase
    Overall excellent content on DFIR. A great updated supplement to the Incident Response & Computer Forensics series. I particularly enjoyed the Lateral Movement section as it really solidified my understanding in how to monitor, hunt and investigate common techniques of pivoting within a network.
    3 people found this helpful
  • Reviewed in the United States on August 10, 2021
    Format: Paperback. Verified Purchase
    3.0 out of 5 stars. Bought Paperback New...yet came with binding damages.
    The inside of the book is brand new but I'm not exactly happy with the quality of the cover. I purchased a book brand new, and with Amazon's new packaging, I don't think shipping books out in this helps to my review. I'm disappointed that I paid for a new book yet it came with binding damages...
    One person found this helpful
  • Reviewed in the United States on November 3, 2022
    Format: Paperback. Verified Purchase
    Definitely worth getting

Top reviews from other countries

  • Amazon Customer
    1.0 out of 5 stars. Terrible print quality
    Reviewed in the United Kingdom on July 25, 2020
    Format: Paperback. Verified Purchase
    Haven't read as the print quality is terrible. Pages are stuck together and it's impossible to read it without destroying the book.
  • Vlad Andrei
    5.0 out of 5 stars. Good material
    Reviewed in Germany on January 11, 2021
    Format: Paperback. Verified Purchase
    This book covers a lot of topics and touches the most important parts. The topics are presented clearly and in a concise manner, and it's a great addition for people studying forensics / incident response.