SOC Analyst candidates and students who want to sharpen their Blue Team skills can use books to build their knowledge of the subject. In this article, we will talk about 3 books that cover the basic topics and serve as an introduction to the blue team field.

Title: Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder
Target Audience: Student and SOC Analyst Tier 1
Level: Beginner
Authors: Don Murdoch
About the book: The book begins with an explanation of the incident response steps. The following sections detail every stage of the attacker's actions, from first entry into the system until exit, so that the reader can understand the hacker's logic. The book then covers host-based analysis and network-based analysis.

Title: The Practice of Network Security Monitoring: Understanding Incident Detection and Response
Target Audience: Student and SOC Analyst Tier 1
Level: Beginner
Authors: Richard Bejtlich
About the book: This book mainly explains Network Security Monitoring (NSM) and its practices. A blue team candidate can gain practical experience that corresponds to real-life work through “Security Onion”. The book covers how network traffic is collected and how to analyze that traffic with a security-oriented approach. Some of the tools used in the book are as follows:
- Tshark
- Tcpdump
- Dumpcap
- Wireshark
- Xplico
- NetworkMiner
- Sguil
- Squert
- Snorby
- Bro

Title: Jump-start Your SOC Analyst Career: A Roadmap to Cybersecurity Success
Target Audience: Student and SOC Analyst Tier 1
Level: Beginner
Authors: Tyler E. Wall and Jarrett Rodrick
About the book: This book covers what a SOC analyst needs in order to start a career and the technical knowledge required for it. The book is an introductory resource even for candidates who don’t know what a SOC analyst is. It covers the terms they will encounter when they become SOC analysts. The last part of the book gives a detailed presentation of the lives of real SOC analysts.