Join our CEO – Eliza-May Austin, a seasoned leader with extensive experience in the field – as she dives into some of the most challenging topics in cyber security. Unlike many books written by authors who simply enjoy writing, Eliza brings her real-world expertise and senior leadership perspective to the table, providing honest and insightful reviews of the texts she has tackled.
In Eliza’s Cyber Security Book Club, you’ll gain valuable perspectives from a true practitioner and leader. So grab a cuppa, get ready to explore cyber security like never before, and embark on a journey through the most critical issues in the field.
WEEK 3: "Blue Team Handbook: SOC, SIEM and Threat Hunting Use Cases" by Don Murdoch
I’d say yes, it is. It’s a field guide, so be honest with yourself about how you’re expected to use it. It’s a reference file for quick lookups and definitely not the kind of book you’d curl up under a blanket with a cup of tea to sink into (regardless of the photo I took to accompany this book review!).
It’s evident that the book is written by an experienced person within the cyber security industry, and that’s definitely the benefit of a reference guide like this.
Blue Team Handbook isn’t going to spoon-feed you the answers. For example, it won’t go into massive detail about what a SIEM is or argue the case for why you should make sure you have security logging and monitoring in place. However, it will tell you some key use cases you should consider putting in place.
I particularly enjoyed the to-the-point aspect of the book. It’s not an academic piece, but it doesn’t claim to be. Depending on your role, you could have it on your desk permanently and find yourself dipping into it regularly.
Rating "Blue Team Handbook: SOC, SIEM and Threat Hunting Use Cases"
A well-rounded 3/5 for its simplicity and to-the-point material.
I’d say if you’re new to working in a SOC this is something you can learn a lot from, but equally it’s going to serve you well if you’re a Head of SecOps and just want some inspiration to stay in love with your job on difficult days or need some refreshers. I would also recommend this one to Service Delivery Managers in service providers for pages such as 41-44, which list various metrics your customers might want to see and what kind of value they add.
You do not need to be technically inclined or have prior experience to appreciate Blue Team Handbook, but it does help! It’s the kind of reference guide you’ll want to flick through prior to your SOC Analyst job interview to refresh your brain on ports, packets and protocols.
Technical rating: 3/5
Experience rating: 2/5
Seniority required: 1/5
COMING UP NEXT WEEK…
Watch this space for the next instalment of Eliza’s Cyber Security Book Club!