
Latest Read: Defensive Security Handbook

Defensive Security Handbook (2nd Edition): Best Practices for Securing Infrastructure By Amanda Berlin, William F. Reyor III and Lee Brotherston.


Amanda holds an Associate in Computer Information Systems from North Central State College. Today she is a Senior Product Manager of Cybersecurity at Blumira. She is co-host of Brakeing Down Security and provides training for organizations on creating tabletop and incident response playbook programs. In addition, Amanda is CEO and co-founder of Mental Health Hackers, a non-profit organization that aims to raise awareness about mental health issues in the cybersecurity community.

William is the Director of Security at Modus Create. He previously served at The Walt Disney Company, Raytheon Technologies, and as CISO at Fairfield University. Reyor is also a co-founder of Security BSides Connecticut.

Lee holds a BSc in Media Technology from Teesside University, Middlesbrough, North Yorkshire, UK. He is the founding security engineer at OpsHelm and has previously worked across multiple sectors, including finance, telecommunications, hospitality, entertainment, and government.

The authors are recognized for extensive real-world experience and leadership in cybersecurity. This is a perfect update for a cyber world filled with ever-increasing high-profile hacks, data leaks, and ransomware attacks. For organizations lacking a formal InfoSec program, this provides a baseline and is most helpful for the Information Security community.

Seeing the alphabet soup

The book addresses techniques to confront breaches, compliance, network infrastructure, password management, vulnerability scanning, and penetration testing, for starters. There are a ton of great insights that organizational leaders outside of IT should be aware of in order to further protect their teams.

Amanda, William, and Lee provide insights into incident response, disaster recovery, compliance, and physical security solutions. Their coverage includes the basics of pen testing via purple teaming, the blend of red and blue team exercises that bridges offensive and defensive security testing. They address vulnerability management using automated processes and tools, as well as the essentials of logging, monitoring, and the use of IDS/IPS and SOCs. Finally, they do not skip hardening advice for both Microsoft and Unix/Linux platforms.

In conclusion, the updated version of The Defensive Security Handbook is a valuable resource for readers new to information security. At the same time, seasoned IT professionals seeking to establish a solid knowledge base will benefit, as will organizational leaders who need to understand risk in today’s modern world.

