Blue Team Field Manual (BTFM) is a Cyber Security Incident Response Guide that aligns with the NIST Cybersecurity Framework consisting of the five core functions of Identify, Protect, Detect, Respond, and Recover by providing the tactical steps to follow and commands to use when preparing for, working through and recovering from a Cyber Security Incident.
Good start for first timers in DFIR, seasoned vets might also get a couple new tricks. Advanced techniques are missing, they could have worked harder on that book. Have no idea why tools such as Redline are missing, Rekall and Volatility too...
Blue Team Field Manual, don't leave your network alone without giving this to your BOFH lazy lackey number 2 in command.
When you are being attacked, want to guard from an attack, or need reminders of where that one log file you need for post mortem forensic mining is... The BTFM is the cheat sheet you want on your desk. I use it all the time.
Seriously though, Cybersecurity command line and GUI primary tools for Windows, Unix, Linux. All with explanations and basic to deep examples of use.
Pretty much entirely something to use as reference material--in the way that you should definitely read up on the topics presented here in other materials that go much further in-depth on the topic
A starting point for learning this stuff--and far from sufficient on its own
That being said--there is a large amount of material to further read and get a better understanding
If you want to be all edgy, you will need this as well as the Red Team counterpart
At first I was unsure as to whether this was a red/blue team book, but after a few chapters many good insights and guides had been introduced that shifted my original thought pattern. Small/brief explanations followed by commands would best describe the context of this book. Will buy a tangible copy as well.
Naturally I also have the Red Team Field Manual. I happen to think they're both crucial and I would hope any interested parties and/or teamers would familiarize themselves with both resources. Recommended!
It’s like having a bunch of cheat sheets on pen testing commands on multiple operating systems. It’s one of the items you keep in your backpack or work device for later reference.
Great and straight to the point. This is pretty much a cheat sheet for blue teamers, separated by different type of situations, also OS's are treated by separate, so it is a plus.
I love this command reference style book. Excellent reference for all levels of keeping your environment protected, logged, and playbook start framework for incident response. I hope to see more books like this covering other aspects of
This is just a list of consolidated syntax that someone in an information security/analyst/cyber/aka... "Blue Team" may find useful.
I really didn't get much value out of this book.
If you're reading this review and you are trying to come to a decision point for purchase, if you have an "above average knowledge base" such as a few years experience, a degree, or more than one professional IT certification... I would not recommend this book. You would be better off using free and more accessible online resources, or... you already know the material.