Mehr lesen
As cyberthreats become more sophisticated and alert volumes rise, security teams need more than just tools--they need strategy, structure, and field-tested guidance. Following the success of the original print edition, this updated digital edition of
Blue Team Handbook: SOC, SIEM, and Threat Hunting is still the essential resource for building, optimizing, and managing modern detection engineering practices and security operations centers.
This practical guide distills over 20 years of frontline cybersecurity experience into an actionable playbook for analysts, SOC managers, architects, detection engineers, and threat hunters. Author Don Murdoch delivers expert insights designed to help teams improve quickly. Whether you're refining your current operations or launching a SOC from scratch, this book empowers you with proven, real-world techniques to defend against today's most persistent threats.
- Build and organize SOC teams for maximum operational impact
- Understand how to launch and execute a comprehensive telemetry, audit data, and SIEM deployment strategy
- Create effective SOC use cases, including risk-based alerting
- Develop and apply meaningful metrics to evaluate SOC effectiveness, analyst performance, and SIEM utility
- Identify advanced threats using real-world threat hunting techniques
Über den Autor / die Autorin
Don Murdoch, GSE, MBA is a leading information security professional with over 20 years in cyber response and digital defense. His experience is in non profit, academic, and Fortune 500 settings. He has taught CISSP, Security Architecture, and intrusion analysis courses for the SANS Institute, and is both the NICCS Incident Response course lead and the ISSAP course lead for ExpandingSecurity.com. Don has numerous InfoSec IT certifications - CISSP, ISSAP, 33 SANS certifications, a GSE, is a chartered SABSA security architect, and also is certified as a TOGAF Enterprise Architect.
