Incident Response: Investigating Computer Crime (2002)

If there’s one book that can guide any company or organization wanting to put up a computer emergency response team, this is the one. In Incident Response: Investigating Computer Crime, authors Chris Prosise and Kevin Mandia provide an insider's look at the legal, procedural and technical steps of computer forensics and analysis. This "one-stop" read is filled with understandable information and frequently illustrated with FBI and other real world case studies, which show how to resolve computer security incidents. It focuses on the following topics:

• to evaluate a computer security incident involving insider threat, Internet fraud, ransom letters extortion, unauthorized access, denial of service, theft of information, to name a few
• Ways to determine the best response
• How to implement that strategy, including detailed technical checklists and toolkit
• The role of the response team, legal counsel, and law enforcement.

Charles Keating, Michael Milken, Robert Hanssen - all highly visible criminals whose activities once turned the corporate and diplomatic world upside down. But today...in the information age, there exists a new kind of stealth criminal who is capable of wreaking even greater havoc! In order to catch these cyber criminals, new strategies have been developed by an elite group of computer security specialists. Now two of them are sharing that knowledge with the rest of us.

Prosise and Mandia are two of USA's most respected computer security experts. Both have developed and taught courses, written books and articles on incident response, hacking and network security, and worked with commercial and governmental entities, such as the FBI, State Department, CIA, and NASA. They are featured speakers on incident response at security conferences worldwide.

Companies, individuals, and law enforcement agencies can benefit greatly from the immense guide that this book has to offer. A must have!