security book: "Blue Team Handbook: Incident Response Edition"

This topic contains 0 replies, has 1 voice, and was last updated by  Greg Makowski 1 year, 3 months ago.


    Greg Makowski
    Moderator

    If you are interested in preparing for what to do during a hacking incident, what to do during the event, how to protect, how to investigate – this would be a good book: the “Blue Team Handbook: Incident Response Edition” on Amazon (rated 4.6 / 5 stars by 83 people), or the author, with the table of contents and events.

    You may ask, “why BLUE team?”  For security, there are red-team (attack) vs. blue-team (defense) exercises to validate security, find holes and address issues. From Wikipedia, on red teams:

    A red team is an independent group that challenges an organization to improve its effectiveness. The United States intelligence community (military and civilian) has red teams that explore alternative futures and write articles as if they were foreign world leaders.[citation needed] Little formal doctrine or publications about Red Teaming in the military exist.[1]

    Private business, especially those heavily invested as government contractors/defense contractors such as IBM and SAIC, and U.S. government agencies such as the CIA, have long used Red Teams. Red Teams in the United States armed forces were used much more frequently after a 2003 Defense Science Review Board recommended them to help prevent the shortcomings that led up to the attacks of September 11, 2001. The U.S. Army then stood up a service-level Red Team, the Army Directed Studies Office, in 2004. This was the first service-level Red Team and until 2011 was the largest in the DoD.[1]
