Windows Security Expert Harlan Carvey Offers Latest Tools to Analyze and Investigate Windows 7 Systems
Waltham, MA, March 28, 2012 – While large-scale computer attacks grab the headlines (think Iran’s experience with Stuxnet), it is often the less spectacular that cause the biggest headaches. On Tuesday, March 13th, Microsoft issued a patch for a vulnerability in its Remote Desktop Protocol. Less than 48 hours later, an attack exploiting the vulnerability appeared on a Chinese site and the attack seemed to be based on a Microsoft proof-of-concept exploit.
In Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7, 3rd Edition, Windows security legend Harlan Carvey provides security professionals with the processes and tools necessary to analyze and investigate Windows 7 systems. In this wholly revised book, Carvey reveals the core investigative concepts that are central to every digital forensic analysis. He shows how the best response is an immediate response once an incident is detected: being prepared is half the battle. Carvey describes how best to use Windows 7’s new files and data structures. He shows security professionals how to find and use timeline analysis and the process for detecting malware with an acquired image.
Carvey has created more than a new edition; he has produced what amounts to a new book that complements Windows Forensic Analysis Toolkit, 2nd Ed., which focuses primarily on XP. “When I sat down to write this book, I wanted to take a different approach from the second edition; that is, rather than starting with the manuscript from the previous edition and adding new material, I wanted to start over completely and write an entirely new book, creating a companion book to the second edition,” said Carvey. “The book is not intended to replace the second edition, but instead to be a companion edition to be used alongside the second edition.”
The author presents real-life experiences from the trenches, making the material realistic and showing the why behind the how. Carvey amplifies his main points with:
- Practical hands-on insider tips that can be used during an investigation, including freely available open source tools and recommendations on commercial software that can be deployed during an investigation.
- Warnings, based on the author’s experiences in the field, to help the reader overcome potential pitfalls during an investigation.
- Notes to provide helpful background information when appropriate.
Also, the companion and toolkit materials, previously stored on a CD, are now hosted online. This material consists of electronic printable checklists, cheat sheets, free custom tools, and walk-through demos.
# # #
About the author
Harlan Carvey (CISSP) is a Vice President of Advanced Security Projects with Terremark Worldwide, Inc. Terremark is a leading global provider of IT infrastructure and “cloud computing” services, based in Miami, FL. Harlan is a key contributor to the Engagement Services practice, providing disk forensics analysis, consulting, and training services to both internal and external customers. Harlan has provided forensic analysis services for the hospitality industry, financial institutions, as well as federal government and law enforcement agencies. Harlan’s primary areas of interest include research and development of novel analysis solutions, with a focus on Windows platforms. Harlan holds a bachelor’s degree in electrical engineering from the Virginia Military Institute and a master’s degree in the same discipline from the Naval Postgraduate School. Harlan resides in Northern Virginia with his family.
Windows Forensic Analysis Toolkit, 3rd Ed.
By Harlan Carvey
Basics of Digital Forensics
By John Sammons
Syngress, an imprint of Elsevier Science & Technology Books, provides books for professionals who want theoretical as well as tactical information on securing in the digital world. Whether you are complying with regulations, breaking or protecting a system, or analyzing a system and extracting evidence, we have high quality expert advice to make you better at what you do. Syngress publishes in the areas of Digital Forensics, Hacking and Penetration Testing, Certification, IT Security and Administration, and more.
About Elsevier Science & Technology Books
Elsevier Science & Technology Books has provided award-winning, leading-edge data and education resources to information professionals worldwide. By delivering world-class solutions both in print and online, Elsevier S&T Books is proud to play an essential role in some of the most distinguished scientific and technology communities in existence today. From economics and public health to microbiology and genetics, we have a wide variety of books and ebooks online for you to choose from.
Elsevier is a global information analytics company that helps institutions and professionals progress science, advance healthcare and improve performance for the benefit of humanity. Elsevier provides digital solutions and tools in the areas of strategic research management, R&D performance, clinical decision support, and professional education; including ScienceDirect, Scopus, ClinicalKey and Sherpath. Elsevier publishes over 2,500 digitized journals, including The Lancet and Cell, more than 35,000 e-book titles and many iconic reference works, including Gray's Anatomy. Elsevier is part of RELX Group, a world-leading provider of information and analytics to professionals and business customers, in a wide range of industries. www.elsevier.com
Publicity Manager, Elsevier Science & Technology Books
+1 781 313 4726