
Effective Threat Investigation for SOC Analysts: The ultimate guide to examining various threats and attacker techniques using security logs

Sep 2023
Table of contents

  1. Investigating Email Threats
  2. Email Flow and Header Analysis
  3. Introduction to Windows Event Logs
  4. Tracking Accounts Login and Management
  5. Investigating Suspicious Process Execution Using Windows Event Logs
  6. Investigating PowerShell Event Logs
  7. Investigating Persistence and Lateral Movement Using Windows Event Logs
  8. Network Firewall Logs Analysis
  9. Investigating Cyber Threats by Using the Firewall Logs
  10. Web Proxy Logs Analysis
  11. Investigating Suspicious Outbound Communications (C&C Communications) by Using Proxy Logs
  12. Investigating External Threats
  13. Investigating Network Flows and Security Solutions Alerts
  14. Threat Intelligence in a SOC Analyst's Day
  15. Malware Sandboxing – Building a Malware Sandbox

PDF ISBN: 978-1-83763-875-8
Publisher: Packt Publishing Limited
Copyright owner: © 2023 Packt Publishing Limited
Publication date: 2023
Language: English
Pages: 314