The latest book by Sparc FLOW happily coincided with a few days off I had in France.
This book comes from the perspective of a forensic analyst tasked with the initial response after a security incident has been identified at a (fictional) bank.
As with the other books in the series, there’s a familiar feeling of excitement as you are taken through the process of the investigation/response, including interactions with the bank’s employees, some of whom are feeling a little defensive, worried that something they are responsible for contributed to the breach.
The book clearly demonstrates how to use tools to perform memory and disk analysis on both physical and virtual devices to hunt for malicious code as well as key places where an attacker may have altered systems to gain persistence.
There are clear benefits for anyone in software dev or operations teams in understanding how systems can be forensically examined after a breach. It shows what you really should be doing now so that if (or when) your systems get breached, you are in the best position to answer questions like: what data did the attacker exfiltrate, and how did they get a foothold into the network?
Investigate Like A Rockstar is available in paperback or Kindle format from Amazon.