Table of Contents
- Introduction to the Threat Landscape
- Understanding the Attack Life Cycle
- Phases of an Efficient Incident Response on Windows Infrastructure
- Endpoint Forensic Evidence Collection
- Gaining Access to the Network
- Establishing a Foothold
- Network and Key Assets Discovery
- Network Propagation
- Data Collection and Exfiltration
- Impact
- Threat Hunting and Analysis of TTPs
- Incident Containment, Eradication, and Recovery
- Incident Investigation Closure and Reporting
