Episode 3 - NIST SP 800-61 Computer Security Incident Handling Guide (Detection)

Update: 2024-05-28

Description

In this 45 minute episode Clint covers a lot of ground based on the Detection phase of NIST 800-61.

Attack vectors for digital security incidents, including insider threats and weaponized USBs.
Cybersecurity incident response and detection, including NIST guidelines and Sysmon logging augmentation
The importance of following temporal linearity in Forensic Investigations, expanding analysis to 5-10 minutes prior to and after events, particularly in Internet History and Memory Dumps
Building a baseline of activity through network pcaps and log analysis
Why synchronised clocks are important?
How detailed notes help in your investigations

Comments

Top Podcasts

The Best New Comedy Podcast Right Now – June 2024 The Best News Podcast Right Now – June 2024 The Best New Business Podcast Right Now – June 2024 The Best New Sports Podcast Right Now – June 2024 The Best New True Crime Podcast Right Now – June 2024 The Best New Joe Rogan Experience Podcast Right Now – June 20 The Best New Dan Bongino Show Podcast Right Now – June 20 The Best New Mark Levin Podcast – June 2024

In Channel

Episode 15 -Windows event log analysis with Hayabusa. The Sigma-based log analysis tool

2024-10-1523:20

Episode 14 - AI and the future of log analysis, bug detection, forensics and AI ethical considerations with Jonathan Thompson

2024-09-2201:08:33

Episode 13-ELK EDR and Sandboxing, Home grown CTF environments, DFIR Automation & Forensics in the cloud, with Jacob Wilson

2024-08-2054:55

Episode 12 - You're forced to decide: Cyber Generalist or Cyber Specialist?

2024-08-1317:47

Episode 11 - Velociraptor, Containerisation and Infrastructure Deployed as Code with Myles Agnew

2024-07-2952:46

Episode 10 - Detecting and Preventing Phishing Attacks

2024-07-1719:04

Episode 9 -Unmasking APT40 (Leviathan): Tactics, Challenges, and Defense Strategies

2024-07-1221:48

Episode 8 - Hidden digital forensic logging for Cybersecurity on Any Budget: Practical Strategies for Enhanced Detection and Prevention Using Sysmon, Blocking Data Exfil with group policy and printer forensics

2024-07-0719:57

Episode 7 - Defending Against Scattered Spider: Understanding Their Tactics, Techniques, and Procedures

2024-06-2517:07

Episode 6 - Responding to ransomware - is your VPN a target? Plus ransomware risk mitigation with Phil Ngo

2024-06-2026:11

Episode 5 - NIST SP 800-61 Computer Security Incident Handling Guide (Post-Incident Activity)

2024-06-1233:06

Episode 4 - NIST SP 800-61 Computer Security Incident Handling Guide (Containment,Eradication and Recovery)

2024-06-0722:10

Episode 3 - (Part 2) NIST SP 800-61 Computer Security Incident Handling Guide (Detection)

2024-05-3111:41

Episode 3 - NIST SP 800-61 Computer Security Incident Handling Guide (Detection)

2024-05-2846:52

Episode 2 - NIST SP 800-61 Computer Security Incident Handling Guide (Preparation)

2024-05-1727:17

Episode 1 - Digital forensics trends and preparations, learning from real life case studies & DFIR training for getting started

2024-05-1623:27

00:00

Episode 3 - NIST SP 800-61 Computer Security Incident Handling Guide (Detection)

#box-pro-ellipsis-173457821740721{-webkit-line-clamp:2;}Episode 3 - NIST SP 800-61 Computer Security Incident Handling Guide (Detection)

Episode 3 - NIST SP 800-61 Computer Security Incident Handling Guide (Detection)

Episode 3 - NIST SP 800-61 Computer Security Incident Handling Guide (Detection)