Book excerpt: "There are two kinds of companies: those that have been breached and those that do not know it yet." The company calling us just discovered an anomaly on their most critical systems. Our job is to conduct a deep forensic analysis, perform threat assessment, and uncover all malware programs left by hackers. Digital Forensics We follow the attacker's footprint across a variety of systems and create an infection timeline to help us understand their motives. We go as deep as memory analysis, perfect disk copy, threat hunting and malware analysis while sharing insights into real crisis management. Rebuilding systems Finally, we tackle the most important issues of any security incident response: how to kick the attackers out of the systems and regain trust in machines that have been breached. For those that read hacking books like the "Art of Exploitation" or "How to Hack Like a Pornstar," you finally get to experience what it feels like to be on the other side of the Firewall!