

*** NOTICE *** Version 3.0 is now SCHEDULED to release Dec 15, 2025. Version 3 has 164 new pages of material to guide you on your cyber incident response journey, 180% larger than the 2016 publication. *** YOU ARE LOOKING AT V.2.2, WHICH WAS PRICED AT 99.00 TO DISCOURAGE ITS PURCHASE!!! ***

BTHb:INRE - Version 2.2 now available. Voted #3 of the 100 Best Cyber Security Books of All Time by Vinod Khosla, Tim O'Reilly and Marcus Spoons Stevens on BookAuthority.com as of 06/09/2018!

The Blue Team Handbook is a "zero fluff" reference guide for cyber security incident responders, security engineers, and InfoSec pros alike. The BTHb includes essential information in a condensed handbook format. Main topics include the incident response process, how attackers work, common tools for incident response, a methodology for network analysis, common indicators of compromise, Windows and Linux analysis processes, tcpdump usage examples, Snort IDS usage, packet headers, and numerous other quick reference topics. The book is designed specifically to share "real life experience", so it is peppered with practical techniques from the authors' extensive career in handling incidents. Whether you are writing up your case notes, analyzing potentially suspicious traffic, or called in to look over a misbehaving server, this book should help you handle the case and teach you some new techniques along the way.

Version 2.2 updates:
- A new chapter on Indicators of Compromise added.
- Table format slightly revised throughout book to improve readability.
- Dozens of paragraphs updated and expanded for readability and completeness.
- 15 pages of new content since version 2.0.
| Best Sellers Rank | 383,639 in Books; 1,158 in Web Administration; 3,132 in Computer Science (Books) |
| Customer Reviews | 4.6 out of 5 stars (453 reviews) |
T**N
Great reference book
Perfect to keep in your desk drawer and whip out when needed, hugely helpful book to have during an incident and to keep around for reference. I would also recommend the following book: Blue Team Field Manual (BTFM) (RTFM)
T**N
If you don't have it get it
Enjoyable read, good humoured and very informative, a must have for anyone in incident response. A good read with great planning and execution tips for the rest of us. No point getting RTFM without this book.
A**N
Four Stars
Very good for professionals working in incident response and information security in general.
T**R
Great book, perfect for anyone starting in the Blue ...
Great book, perfect for anyone starting in the Blue Team/CSIRT/SIEM and even for those already with some experience in the field. Short and concise, a must have in your desk.
K**N
A must read
Great book for the beginner, which most of us are. We know it all, this tells us to think again. Recommended for my year 1 undergraduate forensic computing students.
B**N
Excellent is thy content
What can I say - this book summarises the processes of Incident Response in a clear, concise way with no ambiguity. Packed with commands and tool lists to aid you, beginners and experts alike, through the IR process. For the size and price of this book - it is surely a one of a kind companion.
D**E
Bloody Good Blue Booking Read..
If you don't know the difference between a Blue Team, a Red Team, a Tiger Team or a Gibson, then you don't need this book. However, if you do know the difference, then you need this to make your life, from either an offense or defence perspective, that little bit easier.
R**S
This book is better suited for managers than 'coal face' people
This book is better suited for managers than 'coal face' people. It talks about incident response at quite a high level and doesn't get into the weeds enough. When you compare this to the Red Team Field Manual you will notice they cannot be compared, which is quite sad. If you need a reference book to do your job, use the RTFM, or The Way of the Packet; this is a book you give to your boss when s/he asks you to explain your job.
A**I
Good reading
Great book as a guide
A**R
As the name suggests, a condensed field guide
This book is quite good. Condensed commands and references to what needs to be looked at from an Incident Response perspective. I would highly recommend this to anyone willing to add to their knowledge. Please be aware, this book is not for learning Incident Response, but for bringing a structure to how you handle these incidents/cases.
M**O
Excellent book on computer security
This book aims to provide a quick approach to defending against possible cyber attacks. It offers several ideas for putting together a procedure to define/catalogue the incident, up to offering commands and software to discover who managed to create a breach in the system, how and when. I am still on the first chapters, but already there I have discovered some vulnerabilities I was not aware of. With a few directives added to Apache, I have a more secure system. Really, there are many ideas and tools for analysing your own infrastructure. The more I read it, the more passionate I become about the "security" side. Recommended for those who manage corporate servers and networks. Being a quick little book, you can't say you don't have time to read it!
D**.
Really the context shared in this guide is good, SANS guys always deliver quality.
Really great SOC use cases, very good to start guide for SOC engineers/managers. Great in-depth coverage of basics and concepts critical for SOC/SIEM/D&R guys. Would really recommend this book to OT Cybersecurity Engineers or anyone from cys detection. As you can see from TOC, the micro topics are covered, basics are always so critical in cybersecurity field. If you cannot apply fundamentals into your program/projects, it's no use. So do get this guide. Handy and easy to digest! Highly recommended! :) cheers!
M**A
A real must have for all guys involved in cyber security
A real must have for all those involved in IR procedures design, a very useful summary for those who work in cyber security in general and want to have a