Blue Team Handbook: SOC, SIEM, and Threat Hunting (V1.02): A Condensed Guide for the Security Operations Team and Threat Hunter Paperback – 25 Mar. 2019

So far looks to be my go to book for this topic –Don has done some amazing work here. If I had had this book a few years ago I could have saved myself a tonne of work,Very much like that he has added in not just the detailed technical aspects of a SOC, but also the management/budgetary aspects and working with the business – all well and good designing something but get no budget for it!Don's other IR book was a masterpiece too – read through it in a day and would be a book I’d take on any engagement.These books help contribute so much to the blue team – helps close some distance to the red team!

I work as a blue team security platform engineer.It's very rare in security to be given a list of use cases your SOC should be looking for ; but this book provides just that.There's some use cases here that we haven't thought of and some methodology that has come in handy.In fact I'd argue this book has more value as a blue teamer than some of the more expensive training I've been on!If you defending a network be it in a SOC or not you owe it to yourself to give this book a read.

Small reference book for those times you didn’t prepare or planned for. Small in size but huge in content.

I'm going to buck the trend here and be the first person not to give this book a glowing 5-star review. Purely based on the content I'd say this book is worth a 5-star rating but the overall editing of the book is more like a 3-star rating.It is at times painfully noticeable that this is a self-published title and it could certainly do with a professional editor to improve the overall writing style and flow.As it is, it's more of a brain dump of the author's knowledge put into a roughly logical order making it hard to follow purely because of the poor editing and not because of the subject matter being dealt with.Even without an editor, the text could have done with a bit more proofreading as it has quite a few spelling mistakes as well as oddly formed sentences or omitted words.Let me be quite clear, this isn't a criticism of the raw content and I do believe this book is a good purchase just bear in mind this is a self-published book and therefore not particularly polished.

Arrived promptly.Didn’t think it was a very book as I found it rather unstructured

Rambling collection of thoughts, lacking in form and structure.Semi-useful if you work in IT security operations as long as you have a reasonable idea of what you're doing.It's very low level.