The Practice of Network Security Monitoring - Understanding Incident Detection and Response (English) Paperback – 26 July 2013

Product description

The Practice of Network Security Monitoring: Understanding Incident Detection and Response

Network security is not simply about building impenetrable walls - determined attackers will eventually overcome traditional defenses. The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions. In The Practice of Network Security Monitoring, Mandiant CSO Richard Bejtlich shows you h...

Product details

  • Paperback: 376 pages
  • Publisher: No Starch Press (26 July 2013)
  • Language: English
  • ISBN-10: 1593275099
  • ISBN-13: 978-1593275099
  • Product dimensions: 17.8 x 3.8 x 23.5 cm
  • Average customer review: 4.0 out of 5 stars (1 customer review)
  • Amazon Bestsellers Rank: 56,176 in English and foreign-language books

Customer reviews

Most helpful customer reviews

By Florent on 18 June 2014
Format: Paperback Verified purchase
This is a tool-listing type of book, covering Security Onion in particular.
I was expecting real lessons from experience from Richard, with complex case studies, but this is really the pure and simple basics of setting up a monitoring system.

Interesting, but nothing more. It will not become a cult book.

Most helpful customer reviews on (beta) 32 reviews
15 of 15 people found this review helpful
Best book in the network monitoring genre yet 6 September 2013
By Stephen Northcutt - Published on
Format: Paperback
If you are in cyber security this is a must read. It starts off with a preface by Todd Heberlein, the guy who started the craft of network monitoring. Richard spares us the rehash of things like the TCP 3 way handshake and jumps into actionable content very quickly. The book is the best resource for tools I have seen anywhere. The charts, diagrams, and screen shots bring the information to life. It was particularly great to see the focus on Security Onion.

The favorite part for me was the Collection, Analysis, Escalation and Resolution section. Mr. Bejtlich has a lot of experience in incident response and I am thankful he is willing to share his insights.

My advice is that you buy the book, read it, download Security Onion and learn to use some of the tools.
23 of 29 people found this review helpful
You must read this book 19 August 2013
By Michael W. Lucas - Published on
Format: Paperback
Most computer books are badly written. The information in the book is fine (usually, hopefully), but the actual craft of writing is poor. They read like computer programs. This isn't surprising, as most computer books are written by computer professionals. By the time you're good enough at a computing topic to write a book about it, your brain automatically arranged things in machine-friendly order. That's human nature. The downside of this, however, is that most computing books lack the things that make books interesting to human beings. We readers grit our teeth and plow through them because we need the information.

I'm pleased to say that Richard Bejtlich's The Practice of Network Security Monitoring is not one of those books. The damn thing is actually readable. By normal people.

That's a vague assertion. How about a metric? Season 6 of Burn Notice just hit Netflix streaming. I watched a few episodes Saturday. They ended on a tense cliffhanger, but I finally had to go to bed. Sunday, I finished reading this book before seeing how Westin and company got out of their fix. (Okay, that's not exactly a metric, but it's a good sign.)

Bejtlich graduated from Harvard and the Air Force Academy. He led CIRT teams in the Air Force, built a security team at General Electric, and is now Chief Security Officer at Mandiant. He's on television as an electronic security guru. And for the last decade-plus, he's been beating the drum about intelligent attackers and the need for a holistic approach to security. When everybody else was going on about firewalls and antivirus and access controls and penetration testing, he wrote books like The Tao of Network Security Monitoring arguing that we need to think about network defense as an ongoing activity. He made absurd claims like "prevention eventually fails" and "there are smart people slowly breaking into your network," lumping these into an overall practice called Network Security Monitoring.

Time has proved that he was right.

Books like Tao and Extrusion Detection had a lot about the business process of security. They had specific examples of how to respond to security incidents. Other books, like my own Network Flow Analysis, cover using a specific tool that's usable in a NSM context. But there hasn't been a good book on how to deploy real security monitoring in your organization, across all tools -- and, just as importantly, how to get buy-in from the business side on this.

The Practice of Network Security Monitoring does all that and more.

The book starts with an overview of the NSM philosophy and practice, and what makes it different from the conventional "we respond to intrusions" perspective. He spends some time going over the Security Onion toolkit. For those readers not familiar with SO, Security Onion is to security monitoring what PfSense is for firewalls -- an integrated toolkit built atop a free operating system. You can build everything you need for NSM without Security Onion, but like PfSense, why bother?

Richard gives a brief overview of the various tools in SO, from Sguil to Bro to Snort to Xplico and on and on and on. While you can hook these tools together yourself so they operate more or less seamlessly, again, SO has done all the work for you.

The best part of the book, however, is where Bejtlich takes us through two security incidents. He uses various Security Onion tools to dissect the data from an intrusion response system alert. He backtracks both a client-side and a server-side intrusion, and shows how to accurately scope the intrusion. Was only one server broken into? What data was stolen? What action can you take in response?

What really makes this book work is that he humanizes the security events. Computing professionals think that their job is taking care of the machine. That's incorrect. Their main job is to interface between human beings and the computer. Sometimes this takes the form of implementing a specification from a written document, or solving a bug, or figuring out why your SSL web site is running slowly. Maybe most of your professional skill lies in running the debugger. That's fine, and your skill is admirable. But the reason you get paid is because you interact with other human beings.

Bejtlich pays attention to this human interface. The security incidents happen because people screw up. And they screw up in believable ways -- I read the server compromise walkthrough and thought "This could be me." (Actually, it probably has been me, I just didn't know it.) Deploying network security monitoring takes hardware, which means you need money and staff. Bejtlich advises the reader on how to approach this conversation, using metrics that competent managers understand. His scenarios include discouragement and even fear. If you've ever worked in intrusion response, you know those emotions are very much a part of cleaning up.

But he shows you how to deal with those problems and the attendant emotions: with data.

He even demonstrates practical, real-world examples in how to get that data when the tools fail.

Humanizing a tech book is no easy task. Most authors fail, or don't even try. But Bejtlich pulls it off. He applies "prevention eventually fails" to both the people and the software, and the result is both readable and useful.

Is this book perfect for me? No. The sections on how to install Security Onion are written so that Windows administrators can use them. I don't need that level of detail. But the end result is that tPoNSM is usable by people unfamiliar with Unix-like systems, so I can't really fault him for that.

tPoNSM is useful for anyone interested in the security of their own network. Many of the tools can actually be used outside of a security context, to troubleshoot network and system problems. Deploying NSM not only means you can quickly identify, contain, and remediate intrusions, it gives you insight into the network as a whole. You might start off looking for intrusions, but you'll end up with a more stable network as a side effect.

Now if you'll excuse me, there's another dozen or so episodes of Burn Notice that need watching.
7 of 8 people found this review helpful
best book ever in my life for network security monitoring 13 August 2013
By Dark Angel - Published on
Format: Paperback
This book covers almost everything from a network security monitoring perspective. It also covers basic things such as Session Data, Transaction Data, Statistical Data and Metadata. What I most like is Chapter 4, "Distributed Deployment". I remember that I spent tons of time on troubleshooting to finalize all distributed server plus sensor systems. This chapter makes network engineers' life easier than before. Other than WireShark, it covers Xplico, one of the open source network forensic analysis tools, and Network Miner. I haven't used these tools before for my e forensic. However, I realized that these tools are pretty useful tools to save my time and visualize stuff from my research. I like his approaches for Server Side Compromise and Client Side Compromise. I completely agree with his methodologies to investigate those on their own way. Don't forget to refer to the following chapters regarding SO SCRIPTS and CONFIGURATION. Even if those were placed in the last chapter, you will use that information usefully anytime if you want.
5 of 6 people found this review helpful
Very well-written, informative, and entertaining 22 August 2013
By B. S. Wilson - Published on
Format: Kindle Edition
This was a technical text I had been waiting to get my hands on for some time. Having heard Richard Bejtlich speak and give various presentations, I knew that his delivery and style would make network security monitoring fun to learn about. I wasn't disappointed.

I would say that my all-time favorite IT security book traditionally has been "Network Intrusion Detection (3rd Edition)" by Stephen Northcutt. I have read and re-read it several times not due to the highly technical and pertinent subject matter, but because of the flowing style that makes the book readable. "The Practice of Network Security Monitoring" has just eclipsed the top of my favorites list.

All-in-all, Bejtlich does an amazing job not only defining network security monitoring and explaining how it will benefit an organization, but he ties in current concepts like cloud computing, the relationship among network security monitoring and more traditional defenses such as Firewalls, DLP, DRM, anti-malware, etc. He explains in detail how network security monitoring can be integrated into your environment, and everything from how to get started to how to interpret the data you'll collect.

If you're looking to start a network security monitoring operation at your company, this is the book to read. If you're an IT security professional who wants a more in-depth look at how network security monitoring can help you, this is the book to read. If you're at all interested in computer penetrations, the hows and whys, or how best to defend against them, this is the book to read.

Again, this is a great book for professionals and beginners alike. I highly recommend it!
2 of 2 people found this review helpful
Bejtlich does it again - PoNSM is THE BOOK on network monitoring 10 January 2014
By Sean E. Connelly - Published on
Format: Paperback
For going on close to two decades, Richard Bejtlich has been a leading expert on networking monitor. He has been the author of many important books and articles focusing on different elements of proper cybersecurity, along with his posts on Twitter, his blog and interviews. Richard is the rare expert that can discuss cybersecurity on both a strategic and a tactical level.

In Richard Bejtlich's latest book, `The Practice of Network Security Monitoring' (PoNSM), he walks the readers through various cyber data breaches, detailing how to scope the intrusion and take rapid corrective action. He details how to architect a complete networking monitor solution, from sensor deployment, to data aggregation and analysis. PoNSM demonstrates how to use critical open source tools, including Wireshark, Xplico and Sguil, among others. There must be upwards of 100 screen-shots, demonstrating what information to focus on when analyzing information in these tools.

PoNSM is an invaluable resource for anyone interested in network monitoring. I cannot imagine a better source on the subject of NSM.

I give PoNSM 5 pings out of 5: