Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder. Paperback – August 3, 2014
Top Customer Reviews
This is a detailed review of the Blue Team Handbook Incident Response Edition. The book is organized in 35 major topics, each one very focused on a particular topic relating to the cyber security incident response process. For example, the “Using Snort” section has a discussion, practical examples, and real world command line usage of the tool. Sections have varying degrees of detail – but they all include advice from a clear expert who has done the job. Two things that are nice. First, the book is well edited, has very good sentences, and no glaring spelling mistakes you would expect from a first edition self-published title. Second, at the end of nearly each section, there’s a tag line which advises how the topic is used for incident response.
From beginning to end:
The book starts with some ideas borrowed from the military – fog of war, etc. Good advice. Next there is an in-depth, and practical, treatment of the incident response process, with illustrations. After that, the author provides insightful guidance on reporting through two different templates – one which follows the IR process previously described, and one from the commercial sector. These sections both give spot-on advice. There is a pretty clear outline of the attack process. This section doesn’t have a lot of depth; it does have a good overview to help an IR person understand how they will be assaulted, in keeping with the IR focus (not pen test focus). There is advice on using GPG, which would likely work well in the academic space. The netcat and crypt cat discussions tell you how to use these tools nicely – and there are some funny pictures for humor.
At this point I've bought a copy of the Blue Team Handbook for every security team member at my organization. Thank you Don Murdoch for putting this handbook together. I highly encourage all security professionals whether red team or blue team to purchase this book.
Background: 3 years experience as an Information Security Analyst
Most Recent Customer Reviews
This is a good read. Even if you don't do IR, it's worth your time. Published 18 hours ago by Ashworth
Great reference with a dash of context. A lot of you will probably have a .doc or .txt with some of this stuff in it, but now you don't have to print it all out. Published 2 months ago by jB
TBH I think this book was probably just written to try and make money from the hype of the "RTFM" book. Published 4 months ago by Tom is a nerd
Impressive book, very detailed, found some parts difficult to understand, but this is a great book to have on hand. Published 6 months ago by daniel gomez