Tribe of Hackers Blue Team: Tribal Knowledge from the Best in Defensive Cybersecurity

Blue Team defensive advice from the biggest names in cybersecurity

The Tribe of Hackers team is back. This new guide is packed with insights on blue team issues from the biggest names in cybersecurity. Inside, dozens of the world’s leading Blue Team security specialists show you how to harden systems against real and simulated breaches and attacks. You’ll discover the latest strategies for blocking even the most advanced red-team attacks and preventing costly losses. The experts share their hard-earned wisdom, revealing what works and what doesn’t in the real world of cybersecurity.

Tribe of Hackers Blue Team goes beyond the bestselling, original Tribe of Hackers book and delves into detail on defensive and preventative techniques. Learn how to grapple with the issues that hands-on security experts and security managers are sure to build into their blue team exercises.

• Discover what it takes to get started building blue team skills
• Learn how you can defend against physical and technical penetration testing
• Understand the techniques that advanced red teamers use against high-value targets
• Identify the most important tools to master as a blue teamer
• Explore ways to harden systems against red team attacks
• Stand out from the competition as you work to advance your cybersecurity career

Authored by leaders in cybersecurity attack and breach simulations, the Tribe of Hackers series is perfect for those new to blue team security, experienced practitioners, and cybersecurity team leaders. Tribe of Hackers Blue Team has the real-world advice and practical guidance you need to advance your information security career and ready yourself for the blue team defense.

358 pages, Kindle Edition

Published August 19, 2020

About the author

Marcus J. Carey

8 books, 23 followers

Community Reviews

5 stars: 16 (34%)
4 stars: 18 (38%)
3 stars: 9 (19%)
2 stars: 2 (4%)
1 star: 2 (4%)

Chad
1,256 reviews, 1,036 followers
April 13, 2022
As with Tribe of Hackers, I was underwhelmed, but more so with this one, because it contains fewer resource recommendations and less about infosec culture. It has a lot of network defense advice. It's a collection of written interviews with 54 blue teamers.

Questions answered by interviewees
• How do you define a blue team?
• What are two core capabilities that a blue team should have?
• What are some of the key strengths of an incident response program?
• How can blue teamers learn, practice, and grow?
• How do you reward good blue teaming work?
• What are some core metrics that a blue team can use to build, measure, and maintain a successful information security program?
• Where would you start if you were the only information security staff member at a small to medium-sized business with a primitive security infrastructure?
• What is the most bang-for-your-buck security control?
• Has your organization implemented any deception technologies?
• Where should an organization use cryptography?
• How do you approach data governance and other methods of reducing your data footprint?
• What is your opinion on compliance?
• Is there a framework that aligns the activities or functions performed by the blue team with regulatory compliance requirements?
• How do you engage all the different units of an organization to maximize defense?
• What strategies do you use to communicate the threats you encounter to nontechnical decision-makers?
• What recommendations do you have for managing nontechnical executives' expectations during a significant ongoing incident?

Quotes
The reason we pivoted from the term information security to cyber years ago was in part to acknowledge that this domain is no longer confined to an IT function. There are real-world physical, privacy, financial, safety, and operational risks and impacts when an attack occurs.

Ben Rothke
363 reviews, 53 followers
January 12, 2021
There are 12 primary colors on the color wheel. They already covered red, and now authors Marcus J. Carey and Jennifer Jin are back with Tribe of Hackers Blue Team: Tribal Knowledge from the Best in Defensive Cybersecurity (Wiley). Good news is that there are many colors remaining.

As the title notes tribal knowledge, the authors pose many questions to over 50 security professionals. While a blue team generally refers to an internal security team that works to ensure adequate security controls are in place, the definition is far from written in stone. To which many of the professionals interviewed give their ideas of what it is.

While many people may think that information security is black and white, what is fascinating to see here is the divergence of opinions and approaches by the various contributors.

While there are plenty of security software and hardware vendors that want you to think that all you need to do for security is to get their products in a rack in your data center or your cloud instance, the reality is far from that. To which Carey and Jin have many penetrating (no pun intended) questions that force the reader to think about how they want to ensure their infrastructure is secure.

Some of these questions include:
• What would you start with if you were the only information security staff member at a small to medium-sized business with a primitive security infrastructure?
• How do you reward good blue teaming work?
• Where should an organization use cryptography?
• What is your opinion on compliance?
• What is the most bang for your buck security control?

One of the book's common themes is the notion that security has to be a community effort. To which Eddie Clark (chapter 11) said that it never ceases to amaze him how helpful people in the information security space can be.

Another point reiterated numerous times is that your security team has to be adequately compensated. Obviously, there will be much variance depending on the person's experience, location, industry, and more. But a recurrent problem in the industry is that far too many security professionals are not adequately compensated.

And for those that are perpetually complaining about the difficulties of finding security staff, much of the problem is that the firms that are having the most significant challenges are the ones that refuse to pay market rates. As I wrote in The fallacy of the information security skill shortage, any firm that is willing to adequately compensate their security teams will, for the most part, not have significant problems finding people to join their security team.

Many people go to Gartner for high-level strategic advice. In Tribe of Hackers Blue Team, the authors bring the collected wisdom from the trenches of the people who are actually doing security, know how to do it, and how to make it work.

There is obviously a lot more to be covered than just what is written here. The book takes on the blue team approach of building a defensive infrastructure for the organization. In their previous work Tribe of Hackers Red Team, the experts there discussed the role of an external adversary.

I have this book on my list of the Best Information Security Books of 2020; this is an excellent read and should also be on your reading list.

Ali
445 reviews
June 18, 2021
A sequel to the original Tribe of Hackers with more focus on cyber defense interviewing blue teams in the trenches