The Practice of Network Security Monitoring: Understanding Incident Detection and Response

4.06 · 234 ratings · 19 reviews
Network security is not simply about building impenetrable walls — determined attackers will eventually overcome traditional defenses. The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions.

In The Practice of Network Security Monitoring, Mandiant CSO Richa
Paperback, 376 pages
Published August 2nd 2013 by No Starch Press (first published July 22nd 2013)

Community Reviews

Feb 09, 2017 rated it liked it
The book:
NoStarch Press as always delivers a well crafted book. High quality paper, elegant font and overall a very nice design.

The content:
Offers a great place to start with NSM. It's well written and coherent. Bejtlich kept it practical and to the point, avoiding other writers' pitfalls like trying to show off or jumping randomly into different topics. The content is also uniform in terms of its depth. That is, Bejtlich gives the same amount of attention to the various aspects of NSM.

Aug 21, 2013 rated it liked it
Shelves: cybersecurity
This is a great beginner's book. However, it does not go beyond that. Policy and process sections are lacking, though they are just as important as technology. ELSA is only covered at an elementary level.
Rick Howard
Apr 13, 2014 rated it it was amazing
You can read all of the book reviews in the Cybersecurity Canon here:

Executive Summary

Richard Bejtlich is one of the most respected security practitioners in the community. If he publishes something, we should all take notice. In The Practice of Network Security Monitoring, Bejtlich provides the theory and the hands-on tutorial on how to do network security monitoring the right way. The book is a primer on how to think about network security monitoring and
Nov 14, 2017 rated it it was amazing
Old but still relevant.
Joshua I. James
Jan 22, 2018 rated it it was ok
A good overview, but the contents are now too outdated. Two chapters were still useful.
Michael Larsen
Sep 23, 2013 rated it it was amazing
This certainly fell into my lap at an opportune time. With the various revelations being made about the NSA and its tactics, as well as the upsurge in attention being paid to network and application security in general, this book was a welcome arrival in and of itself. There's a lot of attention paid to the "aftermath" of security breaches. We see a lot of books that talk about what to do after you've been hacked, or tools that can help determine if your application can be penetrated, along with ...
Jan 17, 2014 rated it liked it
Shelves: security, networks
Network security monitoring (NSM) deals with ways to find intruders on a network and do something about them before they perpetrate any damage to an enterprise. This six-part book complements three previous books on the subject by the same author.

The first part introduces the subject, explaining why it matters to monitor networks and how the required information is best collected. Part two deals with installing Security Onion (SO) software, its effective deployment and configuration.

SO is a Li
May 12, 2015 rated it really liked it
This book is extremely informative if the reader is not at all familiar with NSMs in general. As someone who has a little um, dusty grasp of NSMs, this was nice, as it is kind of a refresher. However, I do feel like most of this could be found in Security Onion's Wiki.

The tone of the book is excellent. There are plenty of useful screenshots to explain exactly what each operation does.

My main concern with the book is actually the acronyms. It seems to be a little unfriendly in terms of "I need to
Robert Lee
Sep 05, 2013 rated it it was amazing
Richard has done such an amazing job with leaning forward in network security; his focus on Network Security Monitoring (NSM) has been extremely helpful to industry beginners as well as professionals. I liked the approachable nature of this book, the cohesive and natural writing style, and the depth of expertise offered. The book should be required reading for beginning to mid level network security professionals and is still a "must read" by everyone else in this industry.
Fuat Ulugay
Aug 04, 2014 rated it it was amazing
Suggesting this book for network security monitoring. You will start with Security Onion and will have a hands on experience. A good and cost free start for NSM. Your only cost will be the time you invest learning NSM.
Moshe Zioni
Very good, thorough, big-steps book. Would expect it to have exercises more than just walk-through scenarios. But, besides that, very good, fundamental book for anyone involved in network monitoring/investigation/analysis or incident response engagement.
Oct 31, 2013 rated it it was amazing
Awesome book! Must read for all security people, especially ones interested in incident response.
Apr 30, 2016 rated it it was amazing
Years later and it still applies. That is how critical this book is. If you are a defender then you MUST read this.
Furkan Çalışkan
Nov 14, 2015 rated it it was amazing
One of the best introduction to NSM books ever.
Aug 07, 2013 rated it really liked it
Useful read for work.
Arun Kumar
Jun 12, 2014 marked it as to-read
It will be good.
Dec 23, 2015 rated it really liked it
Very good book to introduce - or advance - your network security monitoring skills.
Nov 21, 2016 rated it it was amazing
Shelves: computers
Awesome, especially for a data junkie like me.
rated it really liked it
Dec 24, 2018
Kevin mills
rated it really liked it
Jul 10, 2017
Melissa Pointer
rated it liked it
Aug 09, 2016
John Nye
rated it really liked it
Aug 06, 2017
rated it it was ok
Jan 15, 2018
Joshua Disneyq
rated it liked it
Jul 05, 2017
Magen Wu
rated it really liked it
Jan 03, 2014
rated it really liked it
Jan 19, 2015
rated it really liked it
Jul 15, 2019
Rodolfo X. Salinas Jr.
rated it really liked it
Aug 31, 2016
rated it did not like it
Sep 08, 2016
Kal Rerty
rated it it was amazing
Sep 17, 2015

Readers also enjoyed

  • The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage
  • Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
  • Intelligence-Driven Incident Response: Outwitting the Adversary
  • Incident Response & Computer Forensics
  • Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers
  • Threat Intelligence and Me: A Book for Children and Analysts
  • Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information
  • Scada and Me: A Book for Children and Management
  • The Children of Húrin
  • Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems
  • Computer Forensics Library Boxed Set
  • Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
  • Spam Nation: The Inside Story of Organized Cybercrime — from Global Epidemic to Your Front Door
  • The Spy Who Came In from the Cold
  • Mastering Kali Linux
  • The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win
  • The Silmarillion
  • 31 Days Before Your Ccent Certification Exam: A Day-By-Day Review Guide for the Icnd1 (100-101) Certification Exam