Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan

Any good attacker will tell you that expensive security monitoring and prevention tools aren’t enough to keep you secure. This practical book demonstrates a data-centric approach to distilling complex security monitoring, incident response, and threat analysis ideas into their most basic elements. You’ll learn how to develop your own threat intelligence and incident detection strategy, rather than depend on security tools alone. Written by members of Cisco’s Computer Security Incident Response Team, this book shows IT and information security professionals how to create an InfoSec playbook by developing strategy, technique, and architecture.

Book contents:

  1. Incident Response Fundamentals

  2. What Are You Trying to Protect?

  3. What Are the Threats?

  4. A Data-Centric Approach to Security Monitoring

  5. Enter the Playbook

  6. Operationalize!

  7. Tools of the Trade

  8. Queries and Reports

  9. Advanced Querying

  10. I’ve Got Incidents Now! How Do I Respond?

  11. How to Stay Relevant