Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder. Paperback – August 3, 2014

4.5 out of 5 stars 77 customer reviews

Editorial Reviews

About the Author

Don Murdoch, GSE, MBA is a leading information security professional with over 13 years in digital defense. His experience is in non-profit, academic, and Fortune 500 settings. He has taught CISSP and intrusion analysis courses for the SANS Institute, and is both the NICCS Incident Response course lead and the ISSAP course lead for ExpandingSecurity.com. Don has numerous InfoSec IT certifications – CISSP, ISSAP, 10 SANS certifications, is a chartered SABSA security architect, and also is certified as a TOGAF Enterprise Architect.


Product Details

  • Paperback: 154 pages
  • Publisher: CreateSpace Independent Publishing Platform; 2 edition (August 3, 2014)
  • Language: English
  • ISBN-10: 1500734756
  • ISBN-13: 978-1500734756
  • Product Dimensions: 6 x 0.4 x 9 inches
  • Shipping Weight: 10.2 ounces
  • Average Customer Review: 4.5 out of 5 stars (77 customer reviews)
  • Amazon Best Sellers Rank: #5,173 in Books

Customer Reviews

Top Customer Reviews

Format: Paperback
A steal at $15 - Must Have for Incidents, Admins, InfoSec
This is a detailed review of the Blue Team Handbook Incident Response Edition. The book is organized in 35 major topics, each one very focused on a particular topic relating to the cyber security incident response process. For example, the “Using Snort” section has a discussion, practical examples, and real world command line usage of the tool. Sections have varying degrees of detail – but they all include advice from a clear expert who has done the job. Two things that are nice. First, the book is well edited, has very good sentences, and no glaring spelling mistakes you would expect from a first edition self-published title. Second, at the end of nearly each section, there’s a tag line which advises how the topic is used for incident response.
From beginning to end:
The book starts with some ideas borrowed from the military – fog of war, etc. Good advice. Next there is an in-depth, and practical, treatment of the incident response process, with illustrations. After that, the author provides insightful guidance on reporting through two different templates – one which follows the IR process previously described, and one from the commercial sector. These sections both give spot-on advice. There is a pretty clear outline of the attack process. This section doesn’t have a lot of depth; it does have a good overview to help an IR person understand how they will be assaulted, in keeping with the IR focus (not pen test focus). There is advice on using GPG, which would likely work well in the academic space. The netcat and cryptcat discussions tell you how to use these tools nicely – and there are some funny pictures for humor.
23 people found this helpful.
Format: Paperback
I recently purchased four incident handling books and one of them was the Blue Team Handbook. The other three books were much larger in volume but this handbook provided so much applicable content in such a condensed fashion that I'm not sure I needed to purchase the other three. This book would be great for both beginners and seasoned professionals.

At this point I've bought a copy of the Blue Team Handbook for every security team member at my organization. Thank you Don Murdoch for putting this handbook together. I highly encourage all security professionals whether red team or blue team to purchase this book.
16 people found this helpful.
Format: Paperback Verified Purchase
Nice companion to the RTFM. I have been in INFOSEC for a while and I found most of the book to be somewhat generic. My feelings may not apply to everyone else though. There seems to be an idea out there that everyone in INFOSEC sits around grepping Snort logs and/or TCP dumps; this simply is not the case. As an incident first responder the job is fairly straightforward: isolate and collect the logs. Everyone has their own methods, I guess. Some OSes require you to leave the system connected before collecting logs; this book does not cover that aspect. Not everyone can afford a SANS course, so in that respect this condensed field guide is a plus+. Simply put, you cannot afford to not have this book. A must buy.
11 people found this helpful.
Format: Paperback Verified Purchase
I was recommended this Handbook by an Incident Responder with over 10 years' experience (who was also recommended it within his professional network). I've been utilizing version 1.0 of this handbook for almost 3 months now and, I must say, it's the perfect field manual not only for Incident Responders but for any class of Information Security Professional. Back in college I started crafting a reference manual of my own wishing I had something like this. I'm happy to see that I wasn't the only person when I was recommended this Handbook. Initially my only wish was for it to have had reference diagrams for common packet headers. However, shortly after that I learned of version 2.0. For that reason, I immediately purchased version 2.0.

Background: 3 years' experience as an Information Security Analyst
4 people found this helpful.
Format: Paperback Verified Purchase
Get a printed copy of this book. Because if you need it, the analog world might be the only safe place around. Jokes apart, I appreciated the straightforward style; seems that a script tells more than thousands of words.
2 people found this helpful.
Format: Paperback Verified Purchase
Amazing tool for any InfoSec first responder. Perfect complement to the RTFM (Red Team Field Manual) as a professional. Short, clean, to the point, which is what you need when you are in a fight.
5 people found this helpful.
Format: Paperback Verified Purchase
Deep dive of crucial information for when the worst is happening for your organization's information security. Very packed and concise. Loaded with tips and useful information I haven't seen anywhere else.
One person found this helpful.
Format: Paperback Verified Purchase
I have yet to really work through this book but it looks very promising with the sheer amount of information and procedures. Unfortunately this is not *quite* the book an aspiring penetration tester would find useful.
