Inhaltsangabe
EDR, demystified! Stay a step ahead of attackers with this comprehensive guide to understanding the attack-detection software running on Microsoft systems—and how to evade it.
Nearly every enterprise uses an Endpoint Detection and Response (EDR) agent to monitor the devices on their network for signs of an attack. But that doesn't mean security defenders grasp how these systems actually work. This book demystifies EDR, taking you on a deep dive into how EDRs detect adversary activity. Chapter by chapter, you’ll learn that EDR is not a magical black box—it’s just a complex software application built around a few easy-to-understand components.
The author uses his years of experience as a red team operator to investigate each of the most common sensor components, discussing their purpose, explaining their implementation, and showing the ways they collect various data points from the Microsoft operating system. In addition to covering the theory behind designing an effective EDR, each chapter also reveals documented evasion strategies for bypassing EDRs that red teamers can use in their engagements.
Die Inhaltsangabe kann sich auf eine andere Ausgabe dieses Titels beziehen.
Über die Autorin bzw. den Autor
Matt Hand is an experienced red team operator with over a decade of experience. His primary areas of focus are in vulnerability research and EDR evasion where he spends a large amount of time conducting independent research, developing tooling, and publishing content. Matt is currently a Service Architect at SpecterOps where he focuses on improving the technical and execution capabilities of the Adversary Simulation team, as well as serving as a subject matter expert on evasion tradecraft.
„Über diesen Titel“ kann sich auf eine andere Ausgabe dieses Titels beziehen.
Suchergebnisse für Evading EDR: The Definitive Guide to Defeating Endpoint...
Beispielbild für diese ISBN
Evading EDR: The Definitive Guide to Defeating Endpoint Detection Systems.
Anbieter: HPB-Red, Dallas, TX, USA
Verkäuferbewertung 5 von 5 Sternen
paperback. Zustand: Good. Connecting readers with great books since 1972! Used textbooks may not include companion materials such as access codes, etc. May have some wear or writing/highlighting. We ship orders daily and Customer Service is our top priority! Bestandsnummer des Verkäufers S_438448880
Gebraucht kaufen
EUR 33,95
EUR 3,18 Versand
Versand innerhalb von USA
Versand innerhalb von USA
Anzahl: 1 verfügbar
Beispielbild für diese ISBN
Evading EDR: The Definitive Guide to Defeating Endpoint Detection Systems.
Anbieter: Bellwetherbooks, McKeesport, PA, USA
Verkäuferbewertung 5 von 5 Sternen
paperback. Zustand: Very Good. Very Good Condition - May show some limited signs of wear and may have a remainder mark. Pages and dust cover are intact and not marred by notes or highlighting. Bestandsnummer des Verkäufers mon0000009068
Gebraucht kaufen
EUR 33,95
EUR 3,35 Versand
Versand innerhalb von USA
Versand innerhalb von USA
Anzahl: 2 verfügbar
Foto des Verkäufers
Evading Edr : The Definitive Guide to Defeating Endpoint Detection Systems.
Anbieter: GreatBookPrices, Columbia, MD, USA
Verkäuferbewertung 5 von 5 Sternen
Zustand: New. Bestandsnummer des Verkäufers 45751777-n
Neu kaufen
EUR 35,25
EUR 2,24 Versand
Versand innerhalb von USA
Versand innerhalb von USA
Anzahl: 15 verfügbar
Beispielbild für diese ISBN
EvadingEDR Format: Paperback
Anbieter: INDOO, Avenel, NJ, USA
Verkäuferbewertung 5 von 5 Sternen
Zustand: New. Bestandsnummer des Verkäufers 9781718503342
Neu kaufen
EUR 37,56
Versand gratis
Versand innerhalb von USA
Versand innerhalb von USA
Anzahl: Mehr als 20 verfügbar
Beispielbild für diese ISBN
Evading EDR (Paperback)
Verlag:
No Starch Press,US, San Francisco, 2023
ISBN 10: 1718503342
ISBN 13: 9781718503342
Neu
Paperback
Anbieter: Grand Eagle Retail, Bensenville, IL, USA
Verkäuferbewertung 5 von 5 Sternen
Paperback. Zustand: new. Paperback. EDR, demystified! Stay a step ahead of attackers with this comprehensive guide to understanding the attack-detection software running on Microsoft systems-and how to evade it.EDR, demystified! Stay a step ahead of attackers with this comprehensive guide to understanding the attack-detection software running on Microsoft systems-and how to evade it.Nearly every enterprise uses an Endpoint Detection and Response (EDR) agent to monitor the devices on their network for signs of an attack. But that doesn't mean security defenders grasp how these systems actually work. This book demystifies EDR, taking you on a deep dive into how EDRs detect adversary activity. Chapter by chapter, you'll learn that EDR is not a magical black box-it's just a complex software application built around a few easy-to-understand components.The author uses his years of experience as a red team operator to investigate each of the most common sensor components, discussing their purpose, explaining their implementation, and showing the ways they collect various data points from the Microsoft operating system. In addition to covering the theory behind designing an effective EDR, each chapter also reveals documented evasion strategies for bypassing EDRs that red teamers can use in their engagements. "Introduces readers to the most common components of EDR systems, including function hooking, callback notifications, Event Tracing for Windows, and filesystem minifilters, by explaining how they are implemented and how they collect various data points. Covers documented evasion strategies for bypassing detections and describes how defenders might protect themselves"-- Shipping may be from multiple locations in the US or from the UK, depending on stock availability. Bestandsnummer des Verkäufers 9781718503342
Foto des Verkäufers
Evading Edr : The Definitive Guide to Defeating Endpoint Detection Systems.
Anbieter: GreatBookPrices, Columbia, MD, USA
Verkäuferbewertung 5 von 5 Sternen
Zustand: As New. Unread book in perfect condition. Bestandsnummer des Verkäufers 45751777
Gebraucht kaufen
EUR 35,56
EUR 2,24 Versand
Versand innerhalb von USA
Versand innerhalb von USA
Anzahl: 15 verfügbar
Beispielbild für diese ISBN
EvadingEDR Format: Paperback
Anbieter: INDOO, Avenel, NJ, USA
Verkäuferbewertung 5 von 5 Sternen
Zustand: As New. Unread copy in mint condition. Bestandsnummer des Verkäufers RH9781718503342
Gebraucht kaufen
EUR 37,88
Versand gratis
Versand innerhalb von USA
Versand innerhalb von USA
Anzahl: Mehr als 20 verfügbar
Beispielbild für diese ISBN
Evading EDR
Anbieter: PBShop.store US, Wood Dale, IL, USA
Verkäuferbewertung 5 von 5 Sternen
PAP. Zustand: New. New Book. Shipped from UK. Established seller since 2000. Bestandsnummer des Verkäufers DB-9781718503342
Foto des Verkäufers
Evading EDR: The Definitive Guide to Defeating Endpoint Detection Systems.
Anbieter: ChristianBookbag / Beans Books, Inc., Westlake, OH, USA
Verkäuferbewertung 5 von 5 Sternen
paperback. Zustand: New. New with remainder mark. Buy multiples from our store to save on shipping. Bestandsnummer des Verkäufers 2509150059
Neu kaufen
EUR 37,86
EUR 3,35 Versand
Versand innerhalb von USA
Versand innerhalb von USA
Anzahl: 3 verfügbar
Beispielbild für diese ISBN
Evading EDR
Anbieter: PBShop.store UK, Fairford, GLOS, Vereinigtes Königreich
Verkäuferbewertung 4 von 5 Sternen
PAP. Zustand: New. New Book. Shipped from UK. Established seller since 2000. Bestandsnummer des Verkäufers DB-9781718503342
Neu kaufen
EUR 36,37
EUR 5,75 Versand
Versand von Vereinigtes Königreich nach USA
Versand von Vereinigtes Königreich nach USA
Anzahl: 6 verfügbar