Email the Author
You can use this page to email Derek Carlin about Blue Team Primer: Detecting A Hacker.
About the Book
Most modern-day businesses are required to have a Penetration Tester or Security Auditor review their systems annually for flaws and holes in their security. The professional tester will generally come onsite and spend on average two to three days on premise for the engagement before departing to write up their report, which will then be handed to IT Security to start remediation efforts.
This book looks at how to maximize the two to three-day window that the Penetration Tester is onsite, focusing not on how the tester finds the flaws, but instead on how the defensive security team can track the tester as they move through the network. The final goal being able to apply these tactical lessons learned to improving continuous monitoring and alerting for adverse behavior.
Topics Covered:
- Reconnaissance
- Scanning & Enumeration
- Gaining Access
- Maintaining Access
- Credential Stealing & Privilege Escalation
- Command & Control
- Data Exfiltration
Note: This book will never reach 100% completion. I expect to update, as new attacks are discovered. Upon purchase, you will receive free updates for life.
About the Author
Derek has spent over 10 years working in the Blue Team security space to include working in a Security Operations Center, as an Incident Responder, as an ISSM in the DOD/FedRAMP space, and as a Cloud Security Architect working with AWS and Azure. Derek has also spent over 6 years concurrently working in the Red Team field as a penetration tester focusing on Internal, External, Web Application, and Cloud Configuration assessments. Derek holds many industry recognized certifications and is an occasional conference speaker.