Blue Team Handbook: SOC, SIEM, and Threat Hunting (V1.02): A Condensed Guide for the Security Operations Team and Threat Hunter (Kindle), by Don Murdoch, GSE #99


5 thoughts on “Blue Team Handbook: SOC, SIEM, and Threat Hunting (V1.02): A Condensed Guide for the Security Operations Team and Threat Hunter (Kindle)”

  1. says:

    I'm going to buck the trend here and be the first person not to give this book a glowing 5 star review. Purely based on the content I'd say this book is worth a 5 star rating, but the overall editing of the book is like a 3 star rating.

  2. says:

    So far looks to be my go-to book for this topic – Don has done some amazing work here. If I had had this book a few years ago I could have saved myself a tonne of work. Very much like that he has added in not just the detailed technica

  3. says:

    I work as a blue team security platform engineer. It's very rare in security to be given a list of use cases your SOC should be looking for; but this book provides just that. There's some use cases here that we haven't thought of and some methodology that has come in handy. In fact I'd argue this book has value as a blue teamer than some

  4. says:

    Small reference book for those times you didn’t prepare or plan for. Small in size but huge in content.

  5. says:

    Arrived promptly. Didn’t think it was a very book as I found it rather unstructured.


Blue Team Handbook: SOC, SIEM, and Threat Hunting Use Cases is having an amazing impact on Security Operations worldwide. BTHbSOCTH is the go-to guiding book for new staff at a top 10 MSSP, is integrated into university curriculum, and is cited in top ten courses from a major information security training company. This listing is for V1.02.

BTHbSOCTH provides the security practitioner with numerous field notes on building a security operations team, managing SIEM, and mining data sources to get the maximum amount of information out of them with a threat hunting approach. The author shares his fifteen years of experience with SIEMs and security operations in a no-frills, just-information format. Don Murdoch has implemented five major platforms, integrated over one hundred data sources into various platforms, and ran an MSSP practice for two years.

This book covers the topics below using a “zero fluff” approach, as if you hired him as a security consultant and were sitting across the table with him or her. The book begins with a discussion for professionals to help them build a successful business case and a project plan, decide on SOC tier models, anticipate and answer tough questions you need to consider when proposing a SOC, and considerations in building a logging infrastructure. The book goes through numerous data sources that feed a SOC and SIEM and provides specific real-world guidance on how to use those data sources to the best possible effect. Most of the examples presented were implemented in one organization or another. These use cases explain what to monitor, how to use a SIEM, and how to use the data coming into the platform, both questions that Don found are often answered poorly by many vendors. Several business concepts are also introduced because they are often overlooked by IT: value chain, PESTL, and SWOT.

Major sections include:

- An inventory of Security Operations Center (SOC) services
- Metrics, with a focus on objective measurements for the SOC, for analysts, and for SIEMs
- SOC staff onboarding, training topics, and desirable skills; along these lines there is a chapter on a day in the life of a SOC analyst
- Maturity analysis for the SOC and the log management program
- Applying a Threat Hunt mindset to the SOC
- A full use case template that was used within two major Fortune 500 companies and is in active use by one major SIEM vendor, along with a complete example of how to build a SOC and SIEM focused use case. You can see the corresponding discussion of this chapter on YouTube; just search for the 2017 Security Onion conference for the presentation
- Critical topics in deploying SIEM, based on experience deploying five different technical platforms for nineteen different organizations in education, nonprofit, and commercial enterprises from 160 to 30,000 personnel
- Understanding why SIEM deployments fail, with actionable compensators
- Real-life experiences getting data into SIEM platforms and the considerations for the many different ways to provide data
- Issues relating to time, time management, and time zones
