Account

Company

  Menu
Large Image

Blue Team Guide to Threat Hunting: Attack Techniques, Understanding Normal, and Persistent Hunting

by

(10 reviews)

Get It Preview
FREE $9.99 Save 100%

Share This

Description

You bought a plot of land, rented a bulldozer, dug out what one might think was a very deep hole for a pool, set up your prefab bunker running completely off solar panels, pushed the dirt back on top, and settled down in your nice comfy command center. But then you find out highly effective advanced persistent threats are slowly positioning themselves for the long game, and your country needs you to help in this war of the future. And you believe in the cause and stand ready to fight for your country for the sake of your family and loved ones.

..Or maybe you are a normal person and work in security and want to understand the inner workings of the security products you work with instead of reading another book that talks about vague general ideas. You might respond to alerts and wonder why these rules were created, or how you can really feel confident if an alert is a false positive or something much more nefarious. Perhaps you are new to security and want to improve your skillsets. Maybe you are a security engineer or architect, but aren't sure how to fully triage an alert and want to gain a deeper understanding. If any of this sounds interesting, then this is for you.

What this does is walk through several attack techniques, malware reports, or other mechanisms, shows how to go beyond simple ephemeral IOCs like ips, urls, and hashes. It shows several examples of translating reports and techniques into more efficient and longer lasting detections with much broader coverage. It covers some other hunting methodologies, and takes the approach of knowing what normal looks like. Even if you are not normal. Oh and lots of bonus content... random scattered thoughts, pro tips, and dad jokes.

I am also calling out CISA to level up your game, shape the industry, and write more efficient rules higher on the pyramid of pain. Your reports are good, they often have TTPs and tools, but the majority of your subscribers are just going to take your precanned rulesets which only contain IPs and hashes and plug them in. Start pushing Sigma rules. Don't worry this book shows you how to write higher level rules, and even how to turn those rules into standalone PowerShell rules in case it is needed. You do good work but it's time to evolve.

Tag This Book

This Book Has Been Tagged
It hasn't. Be the first to tag this book!

Our Recommendation

Get It This book is free, possibly only for a limited time.

Notify Me When The Price...

  • If I'm already tracking this book

to track this book on eReaderIQ.

Track These Authors

to track Cyber Panda on eReaderIQ.

  • to be notified each time the price drops on any book by Cyber Panda.
  • to stop tracking Cyber Panda.

Price Summary

  • We started tracking this book on December 22, 2023.
  • This book was $0.00 when we started tracking it.
  • The price of this book has changed 13 times in the past 868 days.
  • The current price of this book is FREE last checked 20 minutes ago.
  • The lowest price to date was FREE last reached on May 7, 2026.
  • This book has been FREE 6 times since we started tracking it.
  • The highest price to date was $9.99 last reached on February 3, 2026.
  • This book has been $9.99 6 times since we started tracking it.
  • This book is currently at its lowest price since we started tracking it.

Genres

Additional Info

  • Text-to-Speech: Disabled
  • Lending: Disabled
  • Print Length: 159 Pages
  • File Size: 252 KB

We last verified the price of this book about 20 minutes ago. At that time, the price was $0.00. This price is subject to change. The price displayed on the Amazon.com website at the time of purchase is the price you will pay for this book. Please confirm the price before making any purchases.