A few weeks ago while teaching SANS FOR578 one of my students asked a great question by a student: What books or papers should a new cyber threat intelligence analyst read first? It’s a question I’d meant to answer before so instead of just sending back an email (I mean, I emailed back, HI MATT, but along with that) I figured I’d write up my list and have something to reference next time I get asked....
I’ve been lucky enough to play in a number of computer attack & defend (sometimes only one or the other) Capture The Flags. They’ve been some of the best learning experiences I’ve ever had and a ton of fun. It really compresses all of cyber security, minus that boring policy stuff, into a smaller time frame. Even with all the benefits there is one tough part: you can’t always spend a weekend in a friends basement with a pallet of Redbull or on the floor at DefCon CTF....