SANS SEC450/MGT551 Links and Book List

1. Technical/Analysis/Threat Intel Books:
2. MITRE SOC Book - Top 10 Strategies of a World Class CSOC - http://sec450.com/top10
3. Blue Team Handbook - http://www.blueteamhandbook.com/
4. Intelligence Driven Threat Defense - http://sec450.com/intel
5. Crafting the Infosec Playbook - http://sec450.com/playbook
6. Psychology of Intelligence Analysis - https://www.cia.gov/static/9a5f1162fd0932c29bfed1c030edf4ae/Pyschology-of-Intelligence-Analysis.pdf
7.  
8. Management Books:
9. How to Measure Anything in Cybersecurity Risk - https://www.howtomeasureanything.com/cybersecurity/
10. The Goal - https://www.amazon.com/Goal-Process-Ongoing-Improvement/dp/0884271951
11. Statistical Process Control for Managers - https://www.amazon.com/Statistical-Process-Control-Managers-Victor/dp/1606498460
12. The 4 Disciplines of Execution - https://www.franklincovey.com/the-4-disciplines/
13. Measure What Matters - https://www.whatmatters.com/
14. The ONE Thing - https://the1thing.com/
15. Drive - The Surprising Truth about What Motivates Us - https://www.danpink.com/books/drive/
16.  
17. Open-Source SOC Tools:
18. TheHive - https://thehive-project.org/
19. MISP - https://misp-project.org/
20. Arkime - https://arkime.com/
21. Suricata - https://suricata.io/
22. Pi-Hole - https://pi-hole.net/
23. Elastic Stack - https://www.elastic.co/
24. Node Red Workflow Automation - https://nodered.org/
25.  
26. Other Videos / Tools Links:
27. MITRE ATT&CK - http://sec450.com/attack
28. ATT&CK Navigator - http://sec450.com/navigator
29. Rob Joyce (NSA TAO) Talk - http://sec450.com/tao
30. JPCERT Commands Abused by Attackers - http://sec450.com/jpcert
31.  
32. Other Guidance:
33. MS Priv. Access Management Guidance - http://aka.ms/privsec
34. PowerShell Logging Guidance - http://sec450.com/powershell