Book Review: Adversarial Tradecraft in Cybersecurity
Review of the book Adversarial Tradecraft in Cybersecurity by Dan Borges. Book published in June 2021 by Packt Publication.
In my quest to deepen my understanding of red team operations and adversary emulation, I stumbled upon the book Adversarial Tradecraft in Cybersecurity by Dan Borges. To be honest, its title immediately caught my attention (yes, I am guilty of judging the book by its cover, but it turned out to be a good decision). This book provides actionable guidance for both attackers and defenders. I got it through the Humble Bundle by Packt. It was published in June 2021.
Content Overview
Each chapter is divided into two subsections, offensive and defensive perspectives, making it a comprehensive guide for professionals on both sides of the cybersecurity spectrum.
The book begins with an introduction to adversarial operations and the principles of computer conflict, exploring core concepts like deception and humanity. It guides readers through the essentials of planning, setting up infrastructure, and equipping teams with the necessary tools.
It then covers techniques, from both offensive and defensive perspectives, to gain a tactical edge by remaining undetected, blending into the opponent’s techniques, and discerning the motivations and capabilities of other actors. It also delves into tampering with opponents' abilities to detect your presence and using advanced research to conclude operations effectively.
Throughout the text, the book covers practical examples that cater to a wide audience, from penetration testers and red teamers to incident responders and security engineers.
Salient Features
Each chapter presents both offensive and defensive viewpoints, providing a holistic understanding of adversarial operations.
The content is grounded in the author’s extensive experience, offering valuable, actionable insights.
The book introduces a plethora of tools spanning offensive, defensive, and forensic domains, many of which were new to me.
It highlights the importance of deception strategies in both offense and defense, a critical yet often underemphasized aspect of cybersecurity.
The book offers numerous techniques and strategies applicable to offense-defense game type scenarios.
It serves as a valuable resource for experienced cybersecurity professionals, including CISOs and managers, and is excellent for a quick refresher on key concepts, tools, and techniques.
Not-So-Salient Features
The book’s breadth of concepts can be daunting for newcomers to the field, despite clear explanations.
Many strategies are tailored to simulated offense-defense game type scenarios and may have constrained applicability in practical settings.
While informative, the book could have been structured better to enhance readability and flow.
My rating: 4.0 / 5.0