Solutions Review finds the Highest-Rated Threat Hunting books available on Amazon right now. You need to add these to your collection today.
Solutions Review frequently shares our finds for essential cybersecurity titles and books every InfoSec professional and IT security team should have on the shelf. Here’s one of our lists.
For this list, we wanted to zoom in on a specific branch of cybersecurity – Threat Hunting – and share the highest-rated titles on the subject. These books qualify for this list by being about threat hunting specifically and having a four-star rating on Amazon at minimum.
These books are intended for beginners and experts alike and are written by authors with proficiency and/or recognition in the field of cybersecurity.
The Highest Rated Threat Hunting Books Available on Amazon
Book Title: Practical Threat Intelligence and Data-Driven Threat Hunting: A hands-on guide to threat hunting with the ATT&CK™ Framework and open-source tools
Our Take: Valentina Palacín is a cyber threat intelligence analyst who specializes in tracking Advanced Persistent Threats (APTs) worldwide. That expertise shines through in the text.
Description: This book is not only an introduction for those who don’t know much about cyber threat intelligence (CTI) and TH world, but also a guide for those with more advanced knowledge of other cybersecurity fields who are looking to implement a TH program from scratch. You will start by exploring what threat intelligence is and how it can be used to detect and prevent cyber threats. As you progress, you’ll learn how to collect data, along with understanding it by developing data models. The book will also show you how to set up an environment for TH using open-source tools. Later, you will focus on how to plan a hunt with practical examples, before going on to explore the MITRE ATT&CK framework.
Book Title: Cybersecurity Blue Team Toolkit
Our Take: Nadean H. Tanner has 20 in technology, including a trainer and consultant in advanced cybersecurity for Fortune 500 companies as well as the U.S. Department of Defense.
Description: Thanks to author Nadean Tanner’s wide array of experience from teaching at a University to working for the Department of Defense, the Cybersecurity Blue Team Toolkit strikes the perfect balance of substantive and accessible, making it equally useful to those in IT or management positions across a variety of industries. This handy guide takes a simple and strategic look at best practices and tools available to both cybersecurity management and hands-on professionals, whether they be new to the field or looking to expand their expertise.
Book Title: Blue Team Handbook: SOC, SIEM, and Threat Hunting (V1.02): A Condensed Guide for the Security Operations Team and Threat Hunter
Our Take: Don Murdoch has over 17 years of information and network security experience, ranging from intrusion detection and response to establishing an MSSP.
Description: Don Murdoch has implemented five major platforms, integrated over one hundred data sources into various platforms, and ran an MSSP practice for two years. This book covers the topics below using a “zero fluff” approach as if you hired him as a security consultant and were sitting across the table with him (or her). The book begins with a discussion for professionals to help them build a successful business case and a project plan, decide on SOC tier models, anticipate and answer tough questions you need to consider when proposing a SOC, and considerations in building a logging infrastructure. The book goes through numerous data sources that feed a SOC and SIEM and provides specific real-world guidance on how to use those data sources to the best possible effect.
Our Take: Scott J Roberts works for GitHub as a security professional, and Rebekah Brown has spent more than a decade working in the intelligence community. Their knowledge is essential.
Description: Using a well-conceived incident response plan in the aftermath of an online security breach enables your team to identify attackers and learn how they operate. But, only when you approach incident response with a cyber threat intelligence mindset will you truly understand the value of that information. With this practical guide, you’ll learn the fundamentals of intelligence analysis, as well as the best ways to incorporate these techniques into your incident response process.
Book Title: Malware Analysis and Detection Engineering: A Comprehensive Approach to Detect and Analyze Modern Malware
Our Take: Abhijit Mohanta is an independent cybersecurity consultant and corporate trainer and Anoop Saldanha is one of the core authors of the Suricata Intrusion Detection and Prevention System, funded by the US Department of Homeland Security (DHS) and US Navy’s SPAWAR.
Description: The book starts with an introduction to malware analysis and reverse engineering to provide insight on the different types of malware and also the terminology used in the anti-malware industry. You will know how to set up an isolated lab environment to safely execute and analyze malware. You will learn about malware packing, code injection, and process hollowing plus how to analyze, reverse, classify, and categorize malware using static and dynamic tools. You will be able to automate your malware analysis process by exploring detection tools to modify and trace malware programs, including sandboxes, IDS/IPS, anti-virus, and Windows binary instrumentation.
Those were our picks for the highest-rated threat hunting books available on Amazon now. For more on enterprise cybersecurity, check out our SIEM Buyer’s Guide.
- More Expert Commentary and Coverage of the GetHealth Exposure - September 14, 2021
- GetHealth Platform Misconfiguration Exposes 61 Million Fitness-Tracking Records - September 13, 2021
- Panther Labs Releases State of SIEM 2021 Report - September 13, 2021