OFFRE LISEUSES
Une liseuse achetée = une housse offerte* jusqu'au 21 juin
Dernière sortie
NO TICKET LEFT UNDETECTED: Kerberos Attack Hunting for SOC Teams
No Ticket Left Undetected: Kerberos Attack Hunting for SOC TeamsActive Directory is the backbone of every enterprise network. Kerberos is its authentication engine. And attackers know it better than most defenders. Golden Tickets. Kerberoasting. DCSync. AS-REP Roasting. Pass-the-Ticket. These are not exotic nation-state techniques reserved for advanced red teams - they are standard tools in every attacker's playbook, showing up in ransomware campaigns, insider threat incidents, and APT intrusions every single day.
If your SOC is not actively hunting for them, you are already behind. No Ticket Left Undetected is the practitioner's guide to Kerberos attack detection, written by a SOC Lead with fifteen years of hands-on cybersecurity experience spanning Windows domain penetration testing and enterprise blue team operations. Every concept has been tested in real environments. Every query runs in production. What you will learn: How Kerberos authentication works at the protocol level - and exactly where each attack breaks it The specific Windows Event IDs, field values, and anomaly patterns that expose every major Kerberos attack Production-ready QRadar AQL and Splunk SPL detection queries for every technique covered How to detect AS-REP Roasting, Kerberoasting, Golden Ticket, Silver Ticket, Pass-the-Ticket, Overpass-the-Hash, DCSync, LSASS dumping, and Kerberos delegation abuse A structured triage workflow and SOC playbook that moves from raw alert to confident attribution in minutes A complete master cheat sheet covering the full attack matrix, encryption type reference, and field name mapping across both SIEMs Who this book is for:SOC analysts, threat hunters, detection engineers, and security professionals who work in Windows Active Directory environments and want to move beyond surface-level monitoring into real adversarial detection.
Whether you are preparing for a SOC interview, building detection rules for your organisation, or deepening your Active Directory security knowledge - this book gives you the operational edge. Dual-SIEM coverage: QRadar AQL + Splunk SPL throughout.
If your SOC is not actively hunting for them, you are already behind. No Ticket Left Undetected is the practitioner's guide to Kerberos attack detection, written by a SOC Lead with fifteen years of hands-on cybersecurity experience spanning Windows domain penetration testing and enterprise blue team operations. Every concept has been tested in real environments. Every query runs in production. What you will learn: How Kerberos authentication works at the protocol level - and exactly where each attack breaks it The specific Windows Event IDs, field values, and anomaly patterns that expose every major Kerberos attack Production-ready QRadar AQL and Splunk SPL detection queries for every technique covered How to detect AS-REP Roasting, Kerberoasting, Golden Ticket, Silver Ticket, Pass-the-Ticket, Overpass-the-Hash, DCSync, LSASS dumping, and Kerberos delegation abuse A structured triage workflow and SOC playbook that moves from raw alert to confident attribution in minutes A complete master cheat sheet covering the full attack matrix, encryption type reference, and field name mapping across both SIEMs Who this book is for:SOC analysts, threat hunters, detection engineers, and security professionals who work in Windows Active Directory environments and want to move beyond surface-level monitoring into real adversarial detection.
Whether you are preparing for a SOC interview, building detection rules for your organisation, or deepening your Active Directory security knowledge - this book gives you the operational edge. Dual-SIEM coverage: QRadar AQL + Splunk SPL throughout.
Les livres de Samuel Uwayirungu
25,99 €
34,49 €