Threat investigation quick reference chart

When conducting a threat investigation, I have a quick reference chart that I keep stored between my ears. The problem is that location isn’t helpful to those I work with or assist. I put together a documented quick reference with my common go-to tools based on the SANS PICERL approach.

In case you are interested, here is what I normally think about when investigating an incident or actor. Hope it helps!

Threat investigation.PDF

MD5: 88d869978eae6cd5946e5484f4ec0256

VirusTotal scan: https://www.virustotal.com/gui/file/e5b796db82ca3314873e6594ab34948a08a459901a0c9ee8de003af48c6b44ee/details
