When Netmux first released the Operator Handbook, I
had to check it out. I had some initial impressions, but wanted to take some
time to refine my thoughts on it before putting together a full review of the
book. The book review will be a bit short, but that’s because this is a rather
straightforward book.
I think the first thing to know is that this book is strictly a reference.
There’s nothing to read and learn things from in a cohesive way. It would be
like reading a dictionary or a thesaurus – while you might learn things
reading it, it’s not going to be in any meaningful way. There are lots of things
you can learn on a particular very narrow topic, but it is mostly organized to
be “in the moment”, not as a “learning in advance” kind of thing.
The second thing to know is that unless you’re regularly in environments that
don’t allow you to bring electronics in (e.g., heavily restricted customer
sites), you really want this book in electronic format for quick searching and
copy/paste. In fact, the tagline on the cover is “SEARCH.COPY.PASTE.L33T:)”.
This is obviously a lot easier from the digital version. (Though I have to
admit, I love the cover of the physical book – it’s got a robust feel and a
cool “find it quick” yellow color.)
I rather suspect this book is inspired by books like the Red Team Field
Manual, the Blue Team Field
Manual, and Netmux’s own Hash Crack: Password
Cracking Manual. When you crack it open, you’ll
immediately see the similarities – very task focused, intended to get something
done quickly, rather than a focus on the underlying theory or background.
I’ve actually referred to the book a couple of times while doing operations.
Some of the things in it would be easily obtained elsewhere (e.g., a quick
Google search for “nmap cheatsheet” gets you much the same information), but
many other things would require distillation of the information into a more
consumable format, and Netmux has already done that.
Many of the items in the book are also transformed into a security mindset –
e.g., interacting with cloud platforms like AWS or GCP. Rather than trying to
provide the information necessary to operate those platforms, the book focuses
on the aspects relevant to security practitioners. The book also contains links
to additional references, which is yet another reason you want to have this in
a digital format. Some kind of URL shortener links would have been a nice touch
for the print version.
One thing that I really want to applaud in this book is that there is a
reference for mental health in the book. Whether or not the information
security industry has a particular predisposition for mental health issues, I
absolutely love the normalization of discussing mental health issues.
While there is content for both Red and Blue teamers, like so many resources, it
seems to tend to the Red. Maybe it’s only my perception as a Red Teamer, maybe
some of the contents I perceive as “Red” are also useful to Blue teamers. I’d
love to hear from someone on the Blue side as to how they find the book contents
for their role – any takers?
Overall, I think this is a useful book. A lot of effort clearly went into
curating the content and covering the wide variety of topics that is included in
its 123 references. There’s probably nothing ground-breaking in it, but it’s
just presented so well that it’s totally worth having.