Synopsis
EDR, demystified! Stay a step ahead of attackers with this comprehensive guide to understanding the attack-detection software running on Microsoft systems—and how to evade it.
Nearly every enterprise uses an Endpoint Detection and Response (EDR) agent to monitor the devices on their network for signs of an attack. But that doesn't mean security defenders grasp how these systems actually work. This book demystifies EDR, taking you on a deep dive into how EDRs detect adversary activity. Chapter by chapter, you’ll learn that EDR is not a magical black box—it’s just a complex software application built around a few easy-to-understand components.
The author uses his years of experience as a red team operator to investigate each of the most common sensor components, discussing their purpose, explaining their implementation, and showing the ways they collect various data points from the Microsoft operating system. In addition to covering the theory behind designing an effective EDR, each chapter also reveals documented evasion strategies for bypassing EDRs that red teamers can use in their engagements.
Les informations fournies dans la section « Synopsis » peuvent faire référence à une autre édition de ce titre.
À propos de l?auteur
Matt Hand is an experienced red team operator with over a decade of experience. His primary areas of focus are in vulnerability research and EDR evasion where he spends a large amount of time conducting independent research, developing tooling, and publishing content. Matt is currently a Service Architect at SpecterOps where he focuses on improving the technical and execution capabilities of the Adversary Simulation team, as well as serving as a subject matter expert on evasion tradecraft.
Les informations fournies dans la section « A propos du livre » peuvent faire référence à une autre édition de ce titre.
Résultats de recherche pour Evading EDR: The Definitive Guide to Defeating Endpoint...
Image fournie par le vendeur
Evading Edr : The Definitive Guide to Defeating Endpoint Detection Systems.
Vendeur : GreatBookPrices, Columbia, MD, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
Etat : New. N° de réf. du vendeur 45751777-n
Acheter neuf
EUR 35,11
Expédition à EUR 2,22
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : 15 disponible(s)
Image d'archives
Evading EDR (Paperback)
Edité par
No Starch Press,US, San Francisco, 2023
ISBN 10 : 1718503342
ISBN 13 : 9781718503342
Neuf
Paperback
Vendeur : Grand Eagle Retail, Bensenville, IL, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
Paperback. Etat : new. Paperback. EDR, demystified! Stay a step ahead of attackers with this comprehensive guide to understanding the attack-detection software running on Microsoft systems-and how to evade it.EDR, demystified! Stay a step ahead of attackers with this comprehensive guide to understanding the attack-detection software running on Microsoft systems-and how to evade it.Nearly every enterprise uses an Endpoint Detection and Response (EDR) agent to monitor the devices on their network for signs of an attack. But that doesn't mean security defenders grasp how these systems actually work. This book demystifies EDR, taking you on a deep dive into how EDRs detect adversary activity. Chapter by chapter, you'll learn that EDR is not a magical black box-it's just a complex software application built around a few easy-to-understand components.The author uses his years of experience as a red team operator to investigate each of the most common sensor components, discussing their purpose, explaining their implementation, and showing the ways they collect various data points from the Microsoft operating system. In addition to covering the theory behind designing an effective EDR, each chapter also reveals documented evasion strategies for bypassing EDRs that red teamers can use in their engagements. "Introduces readers to the most common components of EDR systems, including function hooking, callback notifications, Event Tracing for Windows, and filesystem minifilters, by explaining how they are implemented and how they collect various data points. Covers documented evasion strategies for bypassing detections and describes how defenders might protect themselves"-- Shipping may be from multiple locations in the US or from the UK, depending on stock availability. N° de réf. du vendeur 9781718503342
Acheter neuf
EUR 37,41
Livraison gratuite
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : 1 disponible(s)
Image d'archives
EvadingEDR Format: Paperback
Vendeur : INDOO, Avenel, NJ, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
Etat : New. N° de réf. du vendeur 9781718503342
Acheter neuf
EUR 37,43
Livraison gratuite
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : Plus de 20 disponibles
Image fournie par le vendeur
Evading Edr : The Definitive Guide to Defeating Endpoint Detection Systems.
Edité par
No Starch Press, 2023
ISBN 10 : 1718503342
ISBN 13 : 9781718503342
Ancien ou d'occasion
Couverture souple
Vendeur : GreatBookPrices, Columbia, MD, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
Etat : As New. Unread book in perfect condition. N° de réf. du vendeur 45751777
Acheter D'occasion
EUR 35,31
Expédition à EUR 2,22
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : 15 disponible(s)
Image d'archives
EvadingEDR Format: Paperback
Vendeur : INDOO, Avenel, NJ, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
Etat : As New. Unread copy in mint condition. N° de réf. du vendeur RH9781718503342
Acheter D'occasion
EUR 37,60
Livraison gratuite
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : Plus de 20 disponibles
Image d'archives
Evading EDR: The Definitive Guide to Defeating Endpoint Detection Systems.
Edité par
No Starch Press, 2023
ISBN 10 : 1718503342
ISBN 13 : 9781718503342
Ancien ou d'occasion
paperback
Vendeur : HPB-Red, Dallas, TX, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
paperback. Etat : Good. Connecting readers with great books since 1972! Used textbooks may not include companion materials such as access codes, etc. May have some wear or writing/highlighting. We ship orders daily and Customer Service is our top priority! N° de réf. du vendeur S_438448880
Acheter D'occasion
EUR 35,04
Expédition à EUR 3,16
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : 1 disponible(s)
Image d'archives
Evading EDR: The Definitive Guide to Defeating Endpoint Detection Systems.
Edité par
No Starch Press, 2023
ISBN 10 : 1718503342
ISBN 13 : 9781718503342
Ancien ou d'occasion
paperback
Vendeur : Bellwetherbooks, McKeesport, PA, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
paperback. Etat : Very Good. Very Good Condition - May show some limited signs of wear and may have a remainder mark. Pages and dust cover are intact and not marred by notes or highlighting. N° de réf. du vendeur mon0000009068
Acheter D'occasion
EUR 35,03
Expédition à EUR 3,33
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : 2 disponible(s)
Image d'archives
Evading EDR
Vendeur : PBShop.store US, Wood Dale, IL, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
PAP. Etat : New. New Book. Shipped from UK. Established seller since 2000. N° de réf. du vendeur DB-9781718503342
Acheter neuf
EUR 40,82
Livraison gratuite
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : 6 disponible(s)
Image fournie par le vendeur
Evading EDR: The Definitive Guide to Defeating Endpoint Detection Systems.
Vendeur : ChristianBookbag / Beans Books, Inc., Westlake, OH, Etats-Unis
Évaluation du vendeur 5 sur 5 étoiles
paperback. Etat : New. New with remainder mark. Buy multiples from our store to save on shipping. N° de réf. du vendeur 2509150059
Acheter neuf
EUR 37,59
Expédition à EUR 3,33
Expédition nationale : Etats-Unis
Expédition nationale : Etats-Unis
Quantité disponible : 3 disponible(s)
Image d'archives
Evading EDR
Vendeur : PBShop.store UK, Fairford, GLOS, Royaume-Uni
Évaluation du vendeur 4 sur 5 étoiles
PAP. Etat : New. New Book. Shipped from UK. Established seller since 2000. N° de réf. du vendeur DB-9781718503342
Acheter neuf
EUR 36,53
Expédition à EUR 5,77
Expédition depuis Royaume-Uni vers Etats-Unis
Expédition depuis Royaume-Uni vers Etats-Unis
Quantité disponible : 6 disponible(s)