Reddit reviews Blue Team Field Manual (BTFM) (RTFM)
We found 8 Reddit comments about Blue Team Field Manual (BTFM) (RTFM). Here are the top ones, ranked by their Reddit score.
Reddit reviews Blue Team Field Manual (BTFM) (RTFM)We found 8 Reddit comments about Blue Team Field Manual (BTFM) (RTFM). Here are the top ones, ranked by their Reddit score.
The blue team field manual is a great book
Edit:
Here's the link
https://www.amazon.com/dp/154101636X/ref=cm_sw_r_cp_api_gz4-zbSCWC8E4
The Blue Team Field Manual and The Blue Team Handbook: Incident Response Edition.
> This topic really needs a full book treatment to do well. Unfortunately like most security topics there just aren’t any great books to point to that I know of.
What about the Blue Team Field Manual?
If you are referring to security in general, I don't think there will ever be? Our field fluctuates way to much. The moment we get something on paper, its already outdated.
It looks like you're moreso interested in blue team work. To tell you the truth, I'm more on the offensive side of things, but I'm sure I can still provide some help here. From what I can tell, it seems as though you already have a pretty solid base to work from based on the area you're looking at. Professor Messer provides some high quality videos that would serve as useful to you, as you would need to be pretty well rounded (although not quite expected to master all of these things) to get an infosec position. The network+ and security+ videos may be more useful in this context, but feel free to disregard the topics you know strongly and pursue the ones you're interested in. CompTIA also has the CSA+ which has a heavy focus on analyst concepts. While having certifications aren't a bad thing at all, it's not always necessary if you have the equivalent knowledge (I'd do a few job searches, and build out a "learning syllabus" from there, based on the responsibilities and requirements).
Speaking of which, in your case I would look for related entry level positions. I'm not quite sure where you are in terms of experience via internships / jobs, but assuming you didn't have infosec / IT experience yet, I would look into tier 1 SOC/NOC positions as I would imagine that it would provide the most carryover, considering your skillset and interests.
A few extra resources:
https://www.linkedin.com/pulse/breaking-cybersecurity-field-derek-carlin - Pretty solid career roadmap
https://www.cybrary.it/ - Several free courses, much higher quality than many of the udemy options (Also, don't worry about any of their certifications, they're not of high value compared to the knowledge you gain)
https://www.vulnhub.com/faq/#ptestnext - The most competent defenders that I've known, usually had a basic understanding of the offensive side of things as well. I noticed that you've done some offsec work during your courses, so this would be a good way to cultivate those skills a bit.
https://www.youtube.com/playlist?list=PLtGnc4I6s8dssa8hF4yMTAa4BrSJCSwux - Linux: again, just to show that you're well rounded
https://www.amazon.com/Blue-Team-Field-Manual-BTFM/dp/154101636X - BTFM: A pretty solid usage of 15ish dollars in your situation
Also, almost forgot to mention that the sidebar on here, and /r/netsec has a pretty solid list of resources.
Best of luck, and feel free to message me if you have any more questions, or need clarification on anything.
There are a ton of different things you can do on the defensive side. The path here is a bit less defined because you can specialize in each of these areas with out ever really touching the other ones. But I think these are the most important skills as a defender, so I’ll break it up into three smaller chunks. For the most part, defender/Blue-team concepts draw from these skills, I’ve setup the courses in order, as some of these skills may feed into other areas.
IR:
Forensics:
Reverse Engineering (Dynamic and Static):
I know there’s not a lot of certs here, and unfortunately, that’s how it is across the blue team. Certs here are usually very vendor-specific, and not applicable to defense as a whole. Those certifications exist, but I’m not listing them here.
If people are interested, I can also do a similar write-up on Mobile Forensics and Cloud Forensics (which is my direct background).
Lastly, here are some of my favorite news sources across the InfoSec community -
News Sources
Sorry this has taken me so long to get too. Been busy.
First, understand that Kali is nothing mote than a collection of tools. Its those tools that you are actually wanting to learn.
KaliTutorials is one place you can start.
Also, there is an abundance of videos on YouTube and if you are serious about wanting to learn penetration testing/security makes sure you book mark Irongeek
Like I said earlier, by the time books are written, edited, and published, they can often be out of date.
If you do want to understand some of the basics, here are books you should look at:
Metasploit: The Penetration Tester's Guide
rtfm
btfm
Basic Security Testing with Kali Linux 2 I havent read this one but I have heard good things
The Hacker Playbook
[The Hacker Playbook 2] (https://www.amazon.com/Hacker-Playbook-Practical-Penetration-Testing/dp/1512214566/ref=pd_sim_14_4?_encoding=UTF8&pd_rd_i=1512214566&pd_rd_r=2HDYK8BDM5MR8PV03JG8&pd_rd_w=kiAl7&pd_rd_wg=fAjYi&psc=1&refRID=2HDYK8BDM5MR8PV03JG8)
Also a good list of resources can be found here: cybrary.it
I'd be very surprised if you haven't heard or got these given your certs! Either way highly recommend the Blue Team Field Manual and Red Team Field Manual
https://www.amazon.com/Blue-Team-Field-Manual-BTFM/dp/154101636X/ref=sr_1_1?ie=UTF8&qid=1506698119&sr=8-1&keywords=blue+team+field+manual