Tribe of Hackers - Blue Team

Share on:

Tribe of Hackers Blue Team - Defensive advice from the biggest names in cybersecurity


I am so honored and grateful to be a co-author of the Tribe of Hackers Blue Team book, spearheaded by Marcus J. Carey (@marcusjcarey) and Jennifer Jin (@Jen_Jin). You can pick up your own copy now on: or

The Tribe of Hackers team is back. This new guide is packed with insights on blue team issues from the biggest names in cybersecurity. Inside, dozens of the world’s leading Blue Team security specialists show you how to harden systems against real and simulated breaches and attacks. You’ll discover the latest strategies for blocking even the most advanced red-team attacks and preventing costly losses. The experts share their hard-earned wisdom, revealing what works and what doesn’t in the real world of cybersecurity.

Tribe of Hackers Blue Team goes beyond the bestselling, original Tribe of Hackers book and delves into detail on defensive and preventative techniques. Learn how to grapple with the issues that hands-on security experts and security managers are sure to build into their blue team exercises.

  • Discover what it takes to get started building blue team skills
  • Learn how you can defend against physical and technical penetration testing
  • Understand the techniques that advanced red teamers use against high-value targets
  • Identify the most important tools to master as a blue teamer
  • Explore ways to harden systems against red team attacks
  • Stand out from the competition as you work to advance your cybersecurity career

Authored by leaders in cybersecurity attack and breach simulations, the Tribe of Hackers series is perfect for those new to blue team security, experienced practitioners, and cybersecurity team leaders. Tribe of Hackers Blue Team has the real-world advice and practical guidance you need to advance your information security career and ready yourself for the blue team defense.

My Chapter Summary (from Wiley)

Duncan McAlynn is the founder of Operandis and the host of the podcast series CyberSpeaksLIVE. He is an InfoSec professional with more than 25 years of industry experience. This chapter presents McAlynn’s answers to questions related to the blue team. He defines a blue team as the protectors and defenders of the nation’s corporations, government agencies, nonprofits, and learning institutions. McAlynn believes that teamwork and passion for learning new things are the two core capabilities that a blue team should have. He presents his views on some of the key strengths of an incident response program and some core metrics that a blue team can use to build, measure, and maintain a successful information security program. McAlynn provides his opinion on regulatory compliance and his strategies to communicate the threats he has encountered to nontechnical decision‐makers. He also gives recommendations for managing nontechnical executives’ expectations during a significant ongoing incident.