SOLDES

Jusqu'à -70% sur une sélection d'articles*

NO TICKET LEFT UNDETECTED: Kerberos Attack Hunting for SOC Teams. 1, #1

Par : Samuel Uwayirungu
Offrir maintenant
Ou planifier dans votre panier
Disponible dans votre compte client Decitre ou Furet du Nord dès validation de votre commande. Le format ePub est :
  • Compatible avec une lecture sur My Vivlio (smartphone, tablette, ordinateur)
  • Compatible avec une lecture sur liseuses Vivlio
  • Pour les liseuses autres que Vivlio, vous devez utiliser le logiciel Adobe Digital Edition. Non compatible avec la lecture sur les liseuses Kindle, Remarkable et Sony
Logo Vivlio, qui est-ce ?

Notre partenaire de plateforme de lecture numérique où vous retrouverez l'ensemble de vos ebooks gratuitement

Pour en savoir plus sur nos ebooks, consultez notre aide en ligne ici
C'est si simple ! Lisez votre ebook avec l'app Vivlio sur votre tablette, mobile ou ordinateur :
Google PlayApp Store
  • FormatePub
  • ISBN8235602885
  • EAN9798235602885
  • Date de parution24/04/2026
  • Protection num.pas de protection
  • Infos supplémentairesepub
  • ÉditeurIoakim Ioakim

Résumé

No Ticket Left Undetected: Kerberos Attack Hunting for SOC TeamsActive Directory is the backbone of every enterprise network. Kerberos is its authentication engine. And attackers know it better than most defenders. Golden Tickets. Kerberoasting. DCSync. AS-REP Roasting. Pass-the-Ticket. These are not exotic nation-state techniques reserved for advanced red teams - they are standard tools in every attacker's playbook, showing up in ransomware campaigns, insider threat incidents, and APT intrusions every single day.
If your SOC is not actively hunting for them, you are already behind. No Ticket Left Undetected is the practitioner's guide to Kerberos attack detection, written by a SOC Lead with fifteen years of hands-on cybersecurity experience spanning Windows domain penetration testing and enterprise blue team operations. Every concept has been tested in real environments. Every query runs in production. What you will learn: How Kerberos authentication works at the protocol level - and exactly where each attack breaks it The specific Windows Event IDs, field values, and anomaly patterns that expose every major Kerberos attack Production-ready QRadar AQL and Splunk SPL detection queries for every technique covered How to detect AS-REP Roasting, Kerberoasting, Golden Ticket, Silver Ticket, Pass-the-Ticket, Overpass-the-Hash, DCSync, LSASS dumping, and Kerberos delegation abuse A structured triage workflow and SOC playbook that moves from raw alert to confident attribution in minutes A complete master cheat sheet covering the full attack matrix, encryption type reference, and field name mapping across both SIEMs Who this book is for:SOC analysts, threat hunters, detection engineers, and security professionals who work in Windows Active Directory environments and want to move beyond surface-level monitoring into real adversarial detection.
Whether you are preparing for a SOC interview, building detection rules for your organisation, or deepening your Active Directory security knowledge - this book gives you the operational edge. Dual-SIEM coverage: QRadar AQL + Splunk SPL throughout.