Applied Network Security Monitoring: Collection, Detection, and Analysis, by Chris Sanders and Jason Smith

Product description

Press review

"... an extremely informative dive into the realm of network security data collection and analysis...well organized and thought through...I have only positive comments from my study." -The Ethical Hacker Network, Oct 31, 2014

From the publisher

Applied Network Security Monitoring is the essential guide to becoming an NSM analyst from the ground up. This book takes a fundamental approach to NSM, complete with dozens of real-world examples that teach you the key concepts of NSM.

Network security monitoring is based on the principle that prevention eventually fails. In the current threat landscape, no matter how much you try, motivated attackers will eventually find their way into your network. At that point, it is your ability to detect and respond to that intrusion that can be the difference between a small incident and a major disaster.

The book follows the three stages of the NSM cycle: collection, detection, and analysis. As you progress through each section, you will have access to insights from seasoned NSM professionals while being introduced to relevant, practical scenarios complete with sample data.

If you've never performed NSM analysis, Applied Network Security Monitoring will give you an adequate grasp on the core concepts needed to become an effective analyst. If you are already a practicing analyst, this book will allow you to grow your analytic technique to make you more effective at your job.

  • Discusses the proper methods for data collection, and teaches you how to become a skilled NSM analyst
  • Provides thorough hands-on coverage of Snort, Suricata, Bro-IDS, SiLK, and Argus
  • Loaded with practical examples containing real PCAP files you can replay, and uses Security Onion for all its lab examples
  • Companion website includes up-to-date blogs from the authors about the latest developments in NSM

Product details

  • Format: Kindle Edition
  • File size: 7099 KB
  • Print length: 498 pages
  • Page numbers source ISBN (print edition): 0124172083
  • Publisher: Syngress; 1st edition (26 November 2013)
  • Sold by: Amazon Media EU S.à r.l.
  • Language: English
  • Text-to-speech: Enabled

Customer reviews

Most helpful customer reviews on (beta): 4.9 out of 5 stars, 28 reviews
7 of 7 people found this review helpful
5.0 out of 5 stars: Written by Analysts for Analysts. 27 March 2014
By Danny Akacki - Published on
Format: Paperback, Verified Purchase
Here's what you need to know about Applied NSM.

1. It's an amazingly easy read.

Those of us who have ever been forced into digesting anything ever published by Cisco Press know easy to read textbooks are diamonds in the rough. It's clear the authors of Applied NSM went to great lengths to be as technically thorough as possible while maintaining an easy, entertaining and conversational tone throughout the book. It's the anti "Makes Me Want To Bash My Face Into My Desk Just To Stay Awake" book.

2. The right tool for the job but...

The goal of any analyst is simple but crucial, find evil by any means necessary. To that end you need better weapons than your adversary. In this book Security Onion is your arsenal and the authors perform a deep dive into all the wonderful toys Security Onion has to offer. The tools listed within the pages of this book are your ticket to a better way to find the badness lurking on your client's network. That being said...

3. alone will not save you and the authors know it.

Of all the weapons at your disposal in the never-ending hunt for evil, unequivocally the most important is that big spongy thing between your ears. This book isn't just a stack of man pages with a fancy cover thrown on, it provides valuable insight and guidance to aid your own unique thought process and hunting style. On that topic, a special note...

4. Get your mind right.

Chapter 15 "The Analysis Process" should be required reading for both every newbie working in a SOC and every jaded veteran. This chapter could be its own book and if I have any complaint about Applied NSM it's that this chapter wasn't long enough for me. It's so absolutely crucial I recommend you read it first, then read it again. If you buy the book for no other reason, buy it for Chapter 15.

So that's it, whether you're a n00b looking to find his footing in this industry or a battle tested warrior looking for new ways to catch the bad guys, Applied Network Security Monitoring is an absolute must have. Good hunting!
5 of 5 people found this review helpful
5.0 out of 5 stars: Excellent guide for starting and expanding a Network Security Practice. 17 December 2013
By Wesley Allen - Published on
Format: Paperback
Great book! If you are totally new to the practice of NSM then all you need to get set up, capture some data and start doing some analysis is in here. If you are already doing some NSM work, then this will help you extend and expand into new areas. The authors focus on open source / free programs and utilities, so the only cost to start an IDS is some hardware and your time.

I have been doing security for a while, but not much focused intrusion detection before my current position. This book really helped "fill in the gaps" in my knowledge of NSM and give me a push in the right direction as far as using SiLK and a couple of the other tools. There is more than enough info to get started, but not too much that would be overly specific to a given setup, so it is still up to you to do a bit of research and dig deeper into the areas that the book introduces that you might want to use in your day to day work. You do need to have the basics of networking, security and TCP/UDP/IP down first, but they do a good job starting slow and building up.

I read through the book pretty quickly to pick up the areas I want to work in more, and will continue to use it as a reference in my work.
3 of 3 people found this review helpful
5.0 out of 5 stars: Well worth your time. 3 April 2014
By Michael W Lucas - Published on
Format: Kindle Edition
Some of Applied Network Security Monitoring will be very familiar to anyone who has read any other security book–I’ve read many times that risk equals impact times probability. Every book on this topic needs this information, however, and Sanders and company cover it in sufficient detail to ground a probie while letting the rest of us easily skim it as a refresher.

Then they take us through selecting data collection points and how they make decisions on where to collect data and what kind of data to collect. Ideally, of course, you collect full packet data everywhere, but in my semi-rural gigabit ISP world I don’t have enough electricity to spin that much disk. Where can you get by with session data, and where do you need full packet capture? ANSM takes you through the choices and the advantages and disadvantages of each, along with some guidance on the hardware needs.

Data is nice, but it’s what you do with the data that makes security analysis interesting. ANSM uses Security Onion as an underlying toolkit. Security Onion is huge, and contains myriad tools for any given purpose. There’s reasons for this–no one NSM tool is a perfect fit for all environments. ANSM chooses their preferred tools, such as Snort, Bro, and SiLK, and takes you through configuring and using them on the SO platform. Their choices give you honeypots and log management and all the functionality you expect.

Throughout the book you’ll find business and tactical advice. How do you organize a security team? How do you foster teamwork, retain staff, and deal with arrogant dweebs such as yours truly? (As an aside, ANSM contains the kindest and most business-driven description of the “give the arrogant guy enough rope to hang himself” tactic that I have ever read.) I’ve been working with the business side of IT for decades now, and ANSM taught me new tricks.

The part of the book that I found most interesting was the section on analysis. What is analysis, anyway? ANSM takes you through both differential analysis and relational analysis, and illustrates them with actual scenarios, actual data. Apparently I’m a big fan of differential diagnosis. I use it everywhere. For every problem. Fortunately, Sanders and crew include guidelines for when to try each type of analysis. I’ll have to try this “relational analysis” thing some time and see what happens.

Another interesting thing about ANSM is how it draws in lots of knowledge and examples from the medical field. Concepts like morbidity and mortality are very applicable to information technology in general, not just network security monitoring, and adding this makes the book both more useful and more interesting.

Applied Network Security Monitoring is a solid overview of the state of security analysis in 2014, and was well worth my time to read. It’s worth your time as well.
5 of 6 people found this review helpful
5.0 out of 5 stars: Great book on Network Security Monitoring. 2 February 2014
By Ryan Stillions - Published on
Format: Kindle Edition, Verified Purchase
I’m a long time NSM practitioner and I work with Smith & Bianco.
Chris was gracious enough to provide me with a PDF copy of the book for review.
- - - -

Applied NSM is a powerhouse of practitioner knowledge. Divided into three primary sections (Collection, Detection, & Analysis) ANSM focuses on the key staples necessary for establishing a successful NSM program and how to get up and running.

The book weighs in at an impressive 465 pages (including appendixes). However, depending on the reader's familiarity with NSM and exposure to other related works on the subject, there could be some overlap.

The areas I found most valuable that contributed new concepts to my “NSM library” included:

Chapter 2’s discussion on the Applied Collection Framework
Chapter 4’s coverage of SiLK for analysis of flow data
Chapter 6’s coverage of LogStash and Kibana
Chapter 10’s coverage on Bro
Chapter 11’s coverage on Anomaly based detection via SiLK tools
Appendix 3 makes for a handy desk side reference if you work with raw packet captures on a daily basis.

For these sections alone, ANSM makes it well worth the purchase and addition to your collection. Speaking of which, all of the proceeds from this book go to several charities, and after having initially reviewed it for free, I still decided to purchase a copy on Kindle to have as a desk side reference and support such great causes.

Great job guys!
2 of 2 people found this review helpful
5.0 out of 5 stars: Should be read by anyone starting or involved in network security monitoring! 11 July 2014
By Bryon Hundley - Published on
Format: Paperback
Another outstanding PRACTICAL approach by Chris Sanders accompanied by Jason Smith this round. This book should be required reading for all intrusion analysts and those looking to develop a security monitoring program. The ACF mentioned in the book should be the standard for building a data collection architecture in my opinion. Organizations use the "everything and the kitchen sink" approach all too often (like let's throw everything into Arcsight) without looking at what they should really be collecting and defining out the results that should be achieved.
I am also a strong believer and practitioner of the Threat Centric approach mentioned in the book. It seems the industry is turning in that direction and seeing threats for what they are instead of each falling into a neat category. It's the right approach and this book applies it in a practical manner that makes sense.