Introducing: Blue Team Diaries
I’m super excited to reveal the first installment in a new series of short stories, the Blue Team Diaries. As you can probably guess, the focus is on the Blue Team — the team responsible for monitoring and environment for security problems and responding accordingly.
To create these stories, I’ve drawn on my experiences managing Blue Teams for cloud service providers. For the first time, a series I’ve written is set in the United States, rather than the United Kingdom, which is a relief, because it was starting to get very annoying flipping between American and British English.
What’s interesting about Blue Teaming, is that the best stories occur when everything is working as it should. That’s to say when everything is being protected properly, and nothing escalates to the point where you end up in the headlines. The thing is, aside from possibly being brought up at the annual holiday party, those stories can often go untold, simply because they represent just another day at the office. That’s why I’ve decided to write this series, to shine a light on all the hard work that goes into going unnoticed.
In the first episode of the series, the focus is on the response to one of the most significant software vulnerabilities ever disclosed, Shellshock. Shellshock was a bug discovered in 2014, which permitted remote code execution via a flaw in the Bash shell, the most widely used Linux shell.
As you read through the story, you’ll discover how the team works well together to respond to the issue as quickly as possible.
You’ll also soon learn that Shellshock, despite being the catalyst for the incident response, is not the most significant security issue the team has to deal with that day. And that, my friends, is often the way it goes. When you lift up a rock you haven’t lifted before, you might find a few extra bugs along the way!
I hope you enjoy this series. You can download Shellshocked on Kindle for free this week, here.