[Free ebook] How to Investigate Like a Rockstar

Post Posted: Fri Aug 18, 2017 9:04 am

Hi,

I would like to share with you a book that might help you on forensic and incident response engagements.
It describes in detail a security incident inspired by real life events, from the first doubtful call made by a bank to the height of tension caused by preliminary forensic analysis.

Together, we explore:
- Memory analysis
- Perfect disk copy
- Threat hunting on a Mainframe
- Data carving

We also share the insights of real crisis management: how to steer people in the right direction, what are the crucial reflexes of a first responder, what to say and do in the first minutes of a security incident, and how to address the inevitable challenge of security versus business continuity.

You will mostly find Windows stuff but the story kicks off with an infected Mainframe, so get ready to be blown away!
You can get a copy here (free for today):
http://amzn.to/2i8cY0S




Hope you enjoy it!

Sparc F.  

sparcflow
Newbie
 
 
  

Re: [Free ebook] How to Investigate Like a Rockstar

Post Posted: Fri Aug 18, 2017 7:52 pm

Are Rock Stars good forensics investigators? Rolling Eyes

(porn stars are known to be good at hacking, of course)

jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 

jaclaz
Senior Member
 
 
  

Re: [Free ebook] How to Investigate Like a Rockstar

Post Posted: Sat Aug 19, 2017 9:21 am

Stopped reading the page at "Kindle".

A rockstar is someone who usually thinks they are special, but most are not. I've met many "rockstars" who think they are the centre of the universe because they know products X, Y, Z which they love to namedrop to look cool in the eyes of mediocre people or management. A better word for these people would be Tier-1 SIEM-Monkey.

I've only met a few that do qualify as genuine rockstars because their knowledge isn't based upon products, but they have real-life analytical skills and problem-solving skills. Products come and go, but knowledge and intuition stay.

MDCR
Senior Member
 
 
  

Re: [Free ebook] How to Investigate Like a Rockstar

Post Posted: Sat Aug 19, 2017 9:35 am

Could not agree more. That's why I titled it rockstar instead of "Tier-1 SIEM-Monkey".
More importantly... it's just a damn title. Rockstar, superstar, pornstar... who cares, it is just another marketing scheme to capture the attention of the reader while scrolling through thousands of titles on Amazon. And it works.
But once you look past the title, and actually read the content, you will find no mention of the word "rockstar", no mention of any SIEM product or any other bullshit stuff, just good anecdotes about incident response inspired by some of my engagements and a few good tips for analysts Wink

Cheers,  

sparcflow
Newbie
 
 
  

Re: [Free ebook] How to Investigate Like a Rockstar

Post Posted: Sat Aug 19, 2017 1:06 pm

- sparcflow
And it works.

... most probably to catch everyone's attention BUT that of actual digital forensic investigators ...

jaclaz

jaclaz
Senior Member
 
 
  

Re: [Free ebook] How to Investigate Like a Rockstar

Post Posted: Sat Aug 19, 2017 2:29 pm

haha well we are having this discussion so... Very Happy
Yeah true, one needs more than a title to make it truly work in the long run.
BTW, the free promotion is over by now but if anyone needs a free copy, shoot me a DM (here or on Twitter) and I'll happily oblige.

Cheers,  

sparcflow
Newbie
 
 
  

Re: [Free ebook] How to Investigate Like a Rockstar

Post Posted: Sat Aug 19, 2017 3:04 pm

- sparcflow
haha well we are having this discussion so... Very Happy
Yeah true, one needs more than a title to make it truly work in the long run.

I was thinking more about the psychological effect of "real" paper books, you know, you go to - say - a lawyer (or a digital forensic expert) and you are put some ten or fifteen minutes in a waiting room where a library is (usually with legal books) when you spot that title ...

jaclaz

jaclaz
Senior Member
 
 
