Skip to main content
Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder.

Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder.

Current price: $16.99
This product is not returnable.
Publication Date: August 3rd, 2014
Publisher:
Createspace Independent Publishing Platform
ISBN:
9781500734756
Pages:
164
Usually Ships in 1 to 5 Days

Description

BTHb: INRE - Version 2.2 now available. Voted #3 of the 100 Best Cyber Security Books of All Time by Vinod Khosla, Tim O'Reilly and Marcus Spoons Stevens on BookAuthority.com as of 06/09/2018 The Blue Team Handbook is a "zero fluff" reference guide for cyber security incident responders, security engineers, and InfoSec pros alike. The BTHb includes essential information in a condensed handbook format. Main topics include the incident response process, how attackers work, common tools for incident response, a methodology for network analysis, common indicators of compromise, Windows and Linux analysis processes, tcpdump usage examples, Snort IDS usage, packet headers, and numerous other quick reference topics. The book is designed specifically to share "real life experience", so it is peppered with practical techniques from the authors' extensive career in handling incidents. Whether you are writing up your cases notes, analyzing potentially suspicious traffic, or called in to look over a misbehaving server - this book should help you handle the case and teach you some new techniques along the way.

Version 2.2 updates:
- *** A new chapter on Indicators of Compromise added.
- Table format slightly revised throughout book to improve readability.
- Dozens of paragraphs updated and expanded for readability and completeness.
- 15 pages of new content since version 2.0.

About the Author

Don Murdoch, GSE, MBA is a leading information security professional with over 13 years in digital defense. His experience is in non profit, academic, and Fortune 500 settings. He has taught CISSP and intrusion analysis courses for the SANS Institute, and is both the NICCS Incident Response course lead and the ISSAP course lead for ExpandingSecurity.com. Don has numerous InfoSec IT certifications - CISSP, ISSAP, 10 SANS certifications, is a chartered SABSA security architect, and also is certified as a TOGAF Enterprise Architect.