
Blue Team Handbook – Eliza’s Cyber Security Book Club

th4ts3cur1ty.company - Meet The Team - Eliza
Written By Eliza-May Austin
August 29, 2024

Join our CEO – Eliza-May Austin, a seasoned leader with extensive experience in the field – as she dives into some of the most challenging topics in cyber security. Unlike many books written by authors who simply enjoy writing, Eliza brings her real-world expertise and senior leadership perspective to the table, providing honest and insightful reviews of the texts she has tackled.

In Eliza’s Cyber Security Book Club, you’ll gain valuable perspectives from a true practitioner and leader. So grab a cuppa, get ready to explore cyber security like never before, and embark on a journey through the most critical issues in the field.

WEEK 3: "Blue Team Handbook: SOC, SIEM and Threat Hunting Use Cases" by Don Murdoch

“Blue Team Handbook: SOC, SIEM and Threat Hunting Use Cases” by Don Murdoch stems back to 2018; not a lifetime ago, but in technology things move so fast that it raises the question, “is this book still worth it?”

I’d say yes, it is. It’s a field guide, so be honest with yourself about how you’re expected to use it. It’s a reference file for quick lookups and definitely not the kind of book you’d curl up under a blanket with a cup of tea to sink into (regardless of the photo I took to accompany this book review!).

It’s evident that the book is written by an experienced person within the cyber security industry, and that’s definitely the benefit of a reference guide like this.

Blue Team Handbook isn’t going to spoon-feed you the answers. For example, it won’t go into massive detail about what a SIEM is or argue the case for why you should make sure you have security logging and monitoring in place. However, it will tell you some key use cases you should consider putting in place.

I particularly enjoyed the to-the-point aspect of the book. It’s not an academic piece, but it doesn’t claim to be. Depending on your role, you could have it on your desk permanently and find yourself dipping into it regularly.

Rating "Blue Team Handbook: SOC, SIEM and Threat Hunting Use Cases"

A well-rounded 3/5 for its simplicity and to-the-point material.

I’d say if you’re new to working in a SOC this is something you can learn a lot from, but equally it’s going to serve you well if you’re a Head of SecOps and just want some inspiration to stay in love with your job on difficult days, or need some refreshers. I would also recommend this one to Service Delivery Managers in service providers for pages such as 41-44, which list various metrics your customers might want to see and what kind of value they add.

You do not need to be technically inclined or have prior experience to appreciate Blue Team Handbook, but it does help! It’s the kind of reference guide you’ll want to flick through prior to your SOC Analyst’s job interview to refresh your brain on ports, packets and protocols.

Technical rating: 3/5

Experience rating: 2/5

Seniority required: 1/5

COMING UP NEXT WEEK…

Watch this space for the next instalment of Eliza’s Cyber Security Book Club!

This article is written by

Eliza-May Austin

CEO

Eliza exudes a captivating, no-nonsense demeanour that defines the services provided by th4ts3cur1ty company. As a proud Yorkshire woman, she boasts an impressive expertise in tea, gravy, and local hiking trails. Clients value Eliza’s practical, assertive stance on security, especially in challenging situations. Quietly dubbed the “Winston Wolfe of cyber”, she navigates complex conditions with a calm and strategic approach. Trust her to handle security matters with finesse and to get you out of a bind with determined resolve.