Applied Incident Response

This book is a bit of an anomaly. Ever since I purchased "Mastering Windows Network Forensics and Investigation" (1st and 2nd editions) years ago, I've been curious as to why the author hadn't published anything further. I was excited to see this book announced and even more so, after having read it, to learn that my anticipation was not in vain. This book is the most valuable book on DFIR that I've ever found. The coverage is comprehensive, thorough, and covers many of the latest "cutting edge" DFIR techniques. With that said, this book is an anomaly in that it is so very valuable but seems to be, as of yet, still widely unknown to the cybersecurity community. I would encourage anyone in (or even interested in) the cybersecurity field to purchase this book and study it thoroughly. Personally, this book is easily near the top of my list of favorites and I will be amazed if it doesn't hold it's title as the most valuable cybersecurity book that I've read this year.

I’m currently enrolled in SANS504 and was looking for some material to supplement my course. I was a little hesitant to purchase this book with it being recently published and not having a ton of reviews. I’m so glad I decided to purchase it! This book is very thorough and you will be a better security professional after reading this. The content of this book is outstanding and complements that SANS material quite nicely. Highly recommended!

I have being performing assessments at a Federal Agency for about 4 years, time for a change. So I order Applied Incident Response and have read about 5 chapters and have been very happy with the book The author is clearly knowledgeable, an "expert" in the subject matter, but many expert write poorly. Steve Anson writes with great clarity which makes reading/learning a pleasure. Additionally, the book is filled with detailed links to tools, articles, books ... to supplement the book. The examples of tools, e.g., Security Onion, the corresponding screenshots and text are perfectly in sync and easy to follow. Great technical content and the book is a pleasure to read.

Some pages stick together.(look atrachment)

A must have, time tested and useful in difficult situations. Of course, if you get where I’m going with that comment. Simplified, even the Exec’s understand it and that’s a huge win when budget season comes.

Overall excellent content on DFIR. A great updated supplement to the Incident Response & Computer Forensics series. I particularly enjoyed the Lateral Movement section as it really solidified my understanding in how to monitor, hunt and investigate common techniques of pivoting within a network.

The inside of the book is brand new but I'm not exactly happy with the quality of the cover. I purchased a book brand new and with Amazon's new packaging, I don't think shipping books out in this helps to my review. I'm disappointed that I paid for a new book yet it came with binding damages...

Probably the best incident response book written! Well written, lots of details. Great book!

This book covers a lot of topics and touches the most important parts. The topics are presented clearly and in a concise manner and it's a great addition to people studying forensics / incident response.

Haven’t read as the print quality is terrible. Pages are stuck together and it’s impossible to read it without destroying the book.