Cyber Shelf

// Alternatives

Alternatives to Intelligence-Driven Incident Response

Books in our catalog with overlapping topics and a similar reading level to Intelligence-Driven Incident Response. If Intelligence-Driven Incident Response is the wrong fit at intermediate level, start here.

Incident ResponseThreat IntelligenceDefensive

  1. 01 · 2014

    Incident Response and Computer Forensics

    Luttgens, Pepe, and Mandia's working playbook for running an enterprise IR engagement: pre-engagement readiness, evidence acquisition, network and host forensics, and the project-management discipline that separates a controlled response from a panic.

    Intermediate
    4/5Jason T. Luttgens, Matthew Pepe, Kevin Mandia

  2. 02 · 2021

    Designing Secure Software

    Loren Kohnfelder, the original PKI author, on how to weave security thinking through requirements, design, implementation and operations rather than bolt it on at the end.

    Intermediate
    5/5Loren Kohnfelder

  3. 03 · 2014

    Threat Modeling

    Adam Shostack's practitioner-oriented introduction to threat modeling: STRIDE, attack trees, and how to fit the practice into a real software-development lifecycle.

    Intermediate
    5/5Adam Shostack

  4. 04 · 2013

    The Practice of Network Security Monitoring

    Richard Bejtlich's NSM playbook: how to deploy collection sensors, validate that you actually see what you think you see, and build detection workflows around open-source tools.

    Intermediate
    5/5Richard Bejtlich

  5. 05 · 2012

    Practical Malware Analysis

    Still the gold standard textbook for static and dynamic malware analysis on Windows.

    Intermediate
    5/5Michael Sikorski, Andrew Honig

  6. 06 · 2021

    Practical Linux Forensics

    Bruce Nikkel's reference for forensic analysts working post-mortem on Linux images: filesystems, journaling, logs, persistence locations, and the chain of custody discipline around them.

    Intermediate
    4/5Bruce Nikkel

  7. 07 · 2017

    Network Security Through Data Analysis

    Michael Collins on building situational awareness from network telemetry: collection architecture, statistical baseline-setting, and the analytic patterns that turn raw flows into detection.

    Intermediate
    4/5Michael Collins

  8. 08 · 2017

    Zero Trust Networks

    Evan Gilman and Doug Barth's pre-marketing-bubble treatment of zero-trust architecture — what it is when you actually implement it (trust evaluation, device identity, dynamic policy) versus what the vendor pitch turned it into.

    Intermediate
    4/5Evan Gilman, Doug Barth

  9. 09 · 2021

    How Cybersecurity Really Works

    Sam Grubb's gentle, exercise-driven introduction for non-specialists who need a working mental model of attacker behaviour and basic defence.

    Beginner
    4/5Sam Grubb

  10. 10 · 2019

    Foundations of Information Security

    Jason Andress' compact tour of the field: confidentiality / integrity / availability, identification and authentication, network and OS controls, written for newcomers and adjacent disciplines.

    Beginner
    4/5Jason Andress
Back to Intelligence-Driven Incident ResponseWhat to read after Intelligence-Driven Incident Response