[Free ebook] How to Investigate Like a Rockstar

7 Posts
3 Users
0 Likes
1,841 Views
(@sparcflow)
Posts: 3
New Member
Topic starter
 

Hi,

I would like to share with you a book that might help you on forensic and incident response engagements.
It describes in detail a security incident inspired by real life events, from the first doubtful call made by a bank to the height of tension caused by preliminary forensic analysis.

Together, we explore:
- Memory analysis
- Perfect disk copy
- Threat hunting on a Mainframe
- Data carving

We also share the insights of real crisis management: how to steer people in the right direction, what are the crucial reflexes of a first responder, what to say and do in the first minutes of a security incident, and how to address the inevitable challenge of security versus business continuity.

You will mostly find Windows stuff but the story kicks off with an infected Mainframe, so get ready to be blown away!
You can get a copy here (free for today)
http://amzn.to/2i8cY0S

Hope you enjoy it!

Sparc F.

 
Posted : 18/08/2017 3:04 pm
jaclaz
(@jaclaz)
Posts: 5133
Illustrious Member
 

Are Rock Stars good forensics investigators? :roll:

(porn stars are known to be good at hacking, of course)

jaclaz

 
Posted : 19/08/2017 1:52 am
MDCR
(@mdcr)
Posts: 376
Reputable Member
 

Stopped reading the page at "Kindle".

A rockstar is someone who usually thinks they are special, but most are not. I've met many "rockstars" who think they are the centre of the universe because they know products X, Y, Z which they love to namedrop to look cool in the eyes of mediocre people or management. A better word for these people would be Tier-1 SIEM-Monkey.

I've only met a few that do qualify as genuine rockstars because their knowledge isn't based upon products, but they have real-life analytical skills and problem-solving skills. Products come and go, but knowledge and intuition stay.

 
Posted : 19/08/2017 3:21 pm
(@sparcflow)
Posts: 3
New Member
Topic starter
 

Could not agree more. That's why I titled it rockstar instead of "Tier-1 SIEM-Monkey".
More importantly…it's just a damn title. Rockstar, superstar, pornstar…who cares, it is just another marketing scheme to capture the attention of the reader while scrolling through thousands of titles on Amazon. And it works.
But once you look past the title, and actually read the content, you will find no mention of the word "rockstar", no mention of any SIEM product or any other bullshit stuff, just good anecdotes about incident response inspired by some of my engagements and a few good tips for analysts 😉

Cheers,

 
Posted : 19/08/2017 3:35 pm
jaclaz
(@jaclaz)
Posts: 5133
Illustrious Member
 

And it works.

… most probably to catch everyone's attention BUT that of actual digital forensic investigators …

jaclaz

 
Posted : 19/08/2017 7:06 pm
(@sparcflow)
Posts: 3
New Member
Topic starter
 

haha well we are having this discussion so… :D
Yeah true, one needs more than a title to make it truly work in the long run.
BTW, the free promotion is over by now but if anyone needs a free copy, shoot me a DM (here or on Twitter) and I'll happily oblige.

Cheers,

 
Posted : 19/08/2017 8:29 pm
jaclaz
(@jaclaz)
Posts: 5133
Illustrious Member
 

haha well we are having this discussion so… :D
Yeah true, one needs more than a title to make it truly work in the long run.

I was thinking more about the psychological effect of "real" paper books, you know, you go to - say - a lawyer (or a digital forensic expert) and you are put some ten or fifteen minutes in a waiting room where a library is (usually with legal books) when you spot that title …

jaclaz

 
Posted : 19/08/2017 9:04 pm