Book review: Managing Cyber Risk

Managing Cyber Risk is the book for those looking to understand this new enterprise risk from a strategic perspective. The book was written by a cyber risk expert for managers and senior executives, although practitioners can also benefit from reading it. The book covers everything a senior stakeholder in an organisation needs to know to…

Book Review: Industrial Network Security

Some months ago, while doing research for a job assignment, I ended up on scadahacker.com, which is an ICS-specific cyber security blog. Among the books the blog recommends is Industrial Network Security; I did not think twice about it and bought it. I was not familiar enough with the area to understand it, so…

Intelligence-Driven Incident Response, book review.

Intelligence-Driven Incident Response is a great book that provides insight into the evolving field of Defense Intelligence. This book is about the missing link between your cyber defense operations teams, threat intelligence and intelligence to provide the organization with full spectrum defensive capabilities. The book is an extensive walkthrough that will take the reader…

Cyber Deception: Building the scientific foundation

Looking to better understand cyber deception systems and the current state of this technology, I made a thorough search on the internet, finding this book on Amazon. The book is a compendium of different research papers aimed at defining cyber deception, its capabilities and the technicalities of designing them. If you are interested specifically in the design of…

Network Threat Hunting Books

Here I leave you the best books I have ever read for network threat hunting – security monitoring. At the time I read them, these books helped me to get back on my feet after a long time without firing up Wireshark and seeing a nice packet capture. I recommend them as they…

Book: Android Malware and Analysis by Ken Dunham.

I needed to get an intro to Android malware analysis and some of the tools you can use for analysis. This book is very easy to read and provides a good foundation to start doing Android malware analysis. It covers the current malware landscape until 2014 and existing techniques and tools in static and dynamic analysis….

Book: Incident Response & Computer Forensics 3rd edition

As part of the training I took this year, GCFA (https://www.sans.org/course/advanced-incident-response-threat-hunting-training), I was given this book together with the course. Thumbs up for the people at SANS again. I came across this book long before I attended my GCFA training; however, I never bought it. I believe I did not see benefits in it…

Book: Learn about firewall design, Juniper Networks

Mini-book oriented to firewall design. The book explains very well the role that the company policy plays when designing the firewall. It is very easy to read, well written and a refresher if you are studying firewall design and monitoring. I particularly used it to refresh and get ideas on those indicators that are interesting…

Malware forensics field guide for Windows Systems

All good books deserve a reference and this one is one of them. Malware Forensics Field Guide for Windows Systems. The book is very easy to read and mainly practical. It goes from describing the general IR process to advanced subjects such as memory forensics, live and dead analysis of Windows systems and malware…