Applied Network Security Monitoring: Collection, Detection, and Analysis (Anglais) Broché – 5 décembre 2013
|Neuf à partir de||Occasion à partir de|
- Choisissez parmi 17 000 points de collecte en France
- Les membres du programme Amazon Prime bénéficient de livraison gratuites illimitées
- Trouvez votre point de collecte et ajoutez-le à votre carnet d’adresses
- Sélectionnez cette adresse lors de votre commande
Les clients ayant acheté cet article ont également acheté
Description du produit
Revue de presse
"... an extremely informative dive into the realm of network security data collection and analysis...well organized and thought through...I have only positive comments from my study." -The Ethical Hacker Network, Oct 31, 2014
Présentation de l'éditeur
Applied Network Security Monitoring is the essential guide to becoming an NSM analyst from the ground up. This book takes a fundamental approach to NSM, complete with dozens of real-world examples that teach you the key concepts of NSM.
Network security monitoring is based on the principle that prevention eventually fails. In the current threat landscape, no matter how much you try, motivated attackers will eventually find their way into your network. At that point, it is your ability to detect and respond to that intrusion that can be the difference between a small incident and a major disaster.
The book follows the three stages of the NSM cycle: collection, detection, and analysis. As you progress through each section, you will have access to insights from seasoned NSM professionals while being introduced to relevant, practical scenarios complete with sample data.
If you've never performed NSM analysis, Applied Network Security Monitoring will give you an adequate grasp on the core concepts needed to become an effective analyst. If you are already a practicing analyst, this book will allow you to grow your analytic technique to make you more effective at your job.
- Discusses the proper methods for data collection, and teaches you how to become a skilled NSM analyst
- Provides thorough hands-on coverage of Snort, Suricata, Bro-IDS, SiLK, and Argus
- Loaded with practical examples containing real PCAP files you can replay, and uses Security Onion for all its lab examples
- Companion website includes up-to-date blogs from the authors about the latest developments in NSM
Aucun appareil Kindle n'est requis. Téléchargez l'une des applis Kindle gratuites et commencez à lire les livres Kindle sur votre smartphone, tablette ou ordinateur.
Pour obtenir l'appli gratuite, saisissez votre numéro de téléphone mobile.
Détails sur le produit
Si vous vendez ce produit, souhaitez-vous suggérer des mises à jour par l'intermédiaire du support vendeur ?
|5 étoiles (0%)|
|4 étoiles (0%)|
|3 étoiles (0%)|
|2 étoiles (0%)|
|1 étoile (0%)|
Commentaires client les plus utiles sur Amazon.com
I’m a long time NSM practitioner and I work with Smith & Bianco.
Chris was gracious enough to provide me with a PDF copy of the book for review.
- - - -
Applied NSM is a powerhouse of practitioner knowledge. Divided into three primary sections (Collection, Detection, & Analysis) ANSM focuses on the key staples necessary for establishing a successful NSM program and how to get up and running.
The book weighs in at an impressive 465 pages (including appendixes). However, depending on the readers familiarity with NSM and exposure to other related works on the subject, there could be some overlap.
The areas I found most valuable that contributed new concepts to my “NSM library" included:
Chapter 2’s discussion on the Applied Collection Framework
Chapter 4’s coverage of SiLK for analysis of flow data
Chapter 6’s coverage of LogStash and Kibana
Chapter 10’s coverage on Bro
Chapter 11’s coverage on Anomaly based detection via SiLK tools
Appendix 3 makes for a handy desk side reference if you work with raw packet captures on a daily basis.
For these sections alone, ANSM makes it well worth the purchase and addition to your collection. Speaking of which, all of the proceeds from this book go to several charities, and after having initially reviewed it for free, I still decided to purchase a copy on Kindle to have as a desk side reference and support such great causes.
Great job guys!
Would recommend to friends working in a SOC
The depth and breadth of this text walks you through the establishment of an NSM capability through the staffing of a SOC and the processes one should consider implementing to run a successful NSM practice.
All the examples in the text are accompanied by a practical demonstration utilizing Security Onion which is a self contained NSM environment which has been successfully implemented in numerous enterprises.
The books covers the technical aspects of NSM without sacrificing the management aspect of running an NSM. Additionally, incident responders will also find value in this text. It includes topics related to post event log analysis as well is the use of netflow data in the day to day operation of NSM.
If you practice NSM, manage a SOC or are just curious, this is the book to read.
Gives a solid foundation to just about every aspect of NSM, anyone looking to start in this field or if your already in it, I would recommend this book.
A few mistakes here and there, but nothing you can't read past.