
Effective Threat Investigation for SOC Analysts
By :

Email threats are among the most common types of attacks encountered by Security Operations Center (SOC) analysts, and they often occur multiple times during a working shift. Moreover, malicious emails are often the first step in an attacker’s attempt to gain access to a target environment. Given the increase in these types of threats, SOC analysts and cyber investigators must understand attackers’ techniques to initiate attacks via email and how to investigate and respond to email threats.
The objective of this chapter is to learn why attackers prefer phishing emails for gaining initial access, the most common email threats, the most common techniques attackers use to evade detection and trick the victim, how to analyze email secure gateway logs, and how to investigate suspicious emails.
In this chapter, we will cover the following main topics:
Let’s get started!