Carvey describes how best to use Windows 7’s new files and data structures. He shows security professionals how to use timeline analysis and the process for detecting malware with an acquired image.
Waltham, MA (PRWEB) March 28, 2012
While large-scale computer attacks grab the headlines (think Iran’s experience with Stuxnet), it is often the less spectacular ones that cause the biggest headaches. On Tuesday, March 13th, Microsoft issued a patch for a vulnerability in its Remote Desktop Protocol. Less than 48 hours later, an attack exploiting the vulnerability appeared on a Chinese site, and the attack seemed to be based on a Microsoft proof-of-concept exploit.
In Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7, 3rd Edition, Windows security legend Harlan Carvey provides security professionals with the processes and tools necessary to analyze and investigate Windows 7 systems. In this wholly revised book, Carvey reveals the core investigative concepts that are central to every digital forensic analysis. He shows how the best response is an immediate response once an incident is detected: being prepared is half the battle. Carvey describes how best to use Windows 7’s new files and data structures. He shows security professionals how to use timeline analysis and the process for detecting malware with an acquired image.
Carvey has created more than a new edition; he has produced what amounts to a new book that complements Windows Forensic Analysis Toolkit, 2nd Ed., which focuses primarily on XP. “When I sat down to write this book, I wanted to take a different approach from the second edition; that is, rather than starting with the manuscript from the previous edition and adding new material, I wanted to start over completely and write an entirely new book, creating a companion book to the second edition,” said Carvey. “The book is not intended to replace the second edition, but instead to be a companion edition to be used alongside the second edition.”
The author presents real-life experiences from the trenches, making the material realistic and showing the why behind the how. Carvey amplifies his main points with:
- Practical hands-on insider tips that can be used during an investigation, including freely available open source tools and recommendations on commercial software that can be deployed during an investigation.
- Warnings, based on the author’s experiences in the field, to help the reader overcome potential pitfalls during an investigation.
- Notes to provide helpful background information when appropriate.
Also, the companion and toolkit materials, previously stored on a CD, are now hosted online. This material consists of electronic printable checklists, cheat sheets, free custom tools, and walk-through demos.
About the Author
Harlan Carvey (CISSP) is a Vice President of Advanced Security Projects with Terremark Worldwide, Inc. Terremark is a leading global provider of IT infrastructure and “cloud computing” services, based in Miami, FL. Harlan is a key contributor to the Engagement Services practice, providing disk forensics analysis, consulting, and training services to both internal and external customers. Harlan has provided forensic analysis services for the hospitality industry, financial institutions, as well as federal government and law enforcement agencies. Harlan’s primary areas of interest include research and development of novel analysis solutions, with a focus on Windows platforms. Harlan holds a bachelor’s degree in electrical engineering from the Virginia Military Institute and a master’s degree in the same discipline from the Naval Postgraduate School. Harlan resides in Northern Virginia with his family.
Windows Forensic Analysis Toolkit, 3rd Ed.
By Harlan Carvey
March 2012 | Softcover | 274 pp
69.95 USD | 50.95 EUR | 42.99 GBP
Basics of Digital Forensics
By John Sammons
Feb 2012 | Softcover | 184 pp
29.95 USD | 21.95 EUR | 18.99 GBP
Syngress, an imprint of Elsevier Science & Technology Books, provides books for professionals who want theoretical as well as tactical information on securing in the digital world. Whether you are complying with regulations, breaking or protecting a system, or analyzing a system and extracting evidence, we have high quality expert advice to make you better at what you do. Syngress publishes in the areas of Digital Forensics, Hacking and Penetration Testing, Certification, IT Security and Administration, and more.
Elsevier Science & Technology Books has provided award-winning, leading-edge data and education resources to information professionals worldwide. By delivering world-class solutions both in print and online, Elsevier S&T Books is proud to play an essential role in some of the most distinguished scientific and technology communities in existence today. From economics and public health to microbiology and genetics, we have a wide variety of books and ebooks online for you to choose from.
Elsevier is a world-leading provider of scientific, technical and medical information products and services. The company works in partnership with the global science and health communities to publish more than 2,000 journals, including The Lancet and Cell, and close to 20,000 book titles, including major reference works from Mosby and Saunders. Elsevier’s online solutions include SciVerse ScienceDirect, SciVerse Scopus, Reaxys, MD Consult and Mosby’s Nursing Suite, which enhance the productivity of science and health professionals, and the SciVal suite and MEDai’s Pinpoint Review, which help research and health care institutions deliver better outcomes more cost-effectively.
A global business headquartered in Amsterdam, Elsevier employs 7,000 people worldwide. The company is part of Reed Elsevier Group PLC, a world-leading publisher and information provider, which is jointly owned by Reed Elsevier PLC and Reed Elsevier NV.