The Practice of Network Security Monitoring: Understanding Incident Detection and Response

4.03 · 203 ratings · 19 reviews
Network security is not simply about building impenetrable walls — determined attackers will eventually overcome traditional defenses. The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions.

In The Practice of Network Security Monitoring, Mandiant CSO Richa
...more
Paperback, 376 pages
Published August 2nd 2013 by No Starch Press (first published July 22nd 2013)

Community Reviews

Julio
Feb 09, 2017 rated it liked it
The book:
No Starch Press, as always, delivers a well-crafted book. High quality paper, elegant font and overall a very nice design.

The content:
Offers a great place to start with NSM. It's well written and coherent. Bejtlich kept it practical and to the point, avoiding other writers' pitfalls like trying to show off or jumping randomly into different topics. The content is also uniform in terms of its depth. That is, Bejtlich gives the same amount of attention to the various aspects of NSM.

Also
...more
Ilya
Aug 21, 2013 rated it liked it
Shelves: cybersecurity
This is a great beginner's book. However, it does not go beyond that. Policy and process sections are lacking, though they are just as important as technology. ELSA is only covered at an elementary level.
Rick Howard
Apr 13, 2014 rated it it was amazing
You can read all of the book reviews in the Cybersecurity Canon here: https://paloaltonetworks.com/threat-r...

Executive Summary

Richard Bejtlich is one of the most respected security practitioners in the community. If he publishes something, we should all take notice. In The Practice of Network Security Monitoring, Bejtlich provides the theory and the hands-on tutorial on how to do network security monitoring the right way. The book is a primer on how to think about network security monitoring and
...more
Mayank
Nov 14, 2017 rated it it was amazing
Old but still relevant.
Joshua James
Jan 22, 2018 rated it it was ok
Shelves: calibre
A good overview, but the contents are now too outdated. Two chapters were still useful.
Michael Larsen
Sep 23, 2013 rated it it was amazing
This certainly fell into my lap at an opportune time. With the various revelations being made about the NSA and its tactics, as well as the upsurge in attention being paid to network and application security in general, this book was a welcome arrival in and of itself. There's a lot of attention paid to the "aftermath" of security breaches. We see a lot of books that talk about what to do after you've been hacked, or tools that can help determine if your application can be penetrated, along with ...more
BCS
Jan 17, 2014 rated it liked it
Shelves: security, networks
Network security monitoring (NSM) deals with ways to find intruders on a network and do something about them before they perpetrate any damage to an enterprise. This six-part book complements three previous books on the subject by the same author.

The first part introduces the subject, explaining why it matters to monitor networks and how the required information is best collected. Part two deals with installing Security Onion (SO) software, its effective deployment and configuration.

SO is a Linu
...more
Glenda
May 12, 2015 rated it really liked it
This book is extremely informative if the reader is not at all familiar with NSMs in general. As someone who has a little um, dusty grasp of NSMs, this was nice, as it is kind of a refresher. However, I do feel like most of this could be found in Security Onion's Wiki.

The tone of the book is excellent. There are plenty of useful screenshots to explain exactly what each operation does.

My main concern with the book is actually the acronyms. It seems to be a little unfriendly in terms of "I need to
...more
Robert Lee
Sep 05, 2013 rated it it was amazing
Richard has done such an amazing job with leaning forward in network security; his focus on Network Security Monitoring (NSM) has been extremely helpful to industry beginners as well as professionals. I liked the approachable nature of this book, the cohesive and natural writing style, and the depth of expertise offered. The book should be required reading for beginning to mid level network security professionals and is still a "must read" by everyone else in this industry.
Fuat Ulugay
Aug 04, 2014 rated it it was amazing
Suggesting this book for network security monitoring. You will start with Security Onion and will have a hands on experience. A good and cost free start for NSM. Your only cost will be the time you invest learning NSM.
Moshe Zioni
Very good, thorough, big-steps book. Would expect it to have exercises more than just walk-through scenarios. But, besides that, very good, fundamental book for anyone involved in network monitoring/investigation/analysis or incident response engagement.
Takedown
Oct 31, 2013 rated it it was amazing
Awesome book! Must read for all security people, especially ones interested in incident response.
Randy
Apr 30, 2016 rated it it was amazing
Years later and it still applies. That is how critical this book is. If you are a defender then you MUST read this.
Furkan Çalışkan
Nov 14, 2015 rated it it was amazing
One of the best introduction to NSM books ever.
Matthew
Aug 07, 2013 rated it really liked it
Useful read for work.
Arun Kumar
Jun 12, 2014 marked it as to-read
it will be good
Jean-François
Dec 23, 2015 rated it really liked it
Very good book to introduce - or advance - your network security monitoring skills.
Jorg
Nov 21, 2016 rated it it was amazing
Shelves: computers
Awesome, especially for a data junkie like me.
Matt
rated it really liked it
Dec 24, 2018
Kevin mills
rated it really liked it
Jul 10, 2017
Melissa Pointer
rated it liked it
Aug 09, 2016
John Nye
rated it really liked it
Aug 06, 2017
Rob
rated it it was ok
Jan 15, 2018
Joshua Disneyq
rated it liked it
Jul 05, 2017
Magen Wu
rated it really liked it
Jan 03, 2014
Patrick
rated it really liked it
Jan 19, 2015
Rodolfo X. Salinas Jr.
rated it really liked it
Aug 31, 2016
Merger
rated it did not like it
Sep 08, 2016
Kal Rerty
rated it it was amazing
Sep 17, 2015
Fu
rated it really liked it
Sep 21, 2013

Readers also enjoyed

  • Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems
  • Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
  • The Tangled Web: A Guide to Securing Modern Web Applications
  • The TCP/IP Guide: A Comprehensive, Illustrated Internet Protocols Reference
  • Metasploit: The Penetration Tester's Guide
  • Counter Hack Reloaded: A Step-By-Step Guide to Computer Attacks and Effective Defenses
  • The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory
  • Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
  • Gray Hat Python: Python Programming for Hackers and Reverse Engineers
  • Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
  • Rootkits: Subverting the Windows Kernel
  • Stealing the Network: How to Own an Identity
  • SSH Mastery: OpenSSH, PuTTY, Tunnels and Keys
  • Network Warrior
  • The Hacker Playbook 2: Practical Guide To Penetration Testing
  • Windows® Internals, Part 1: Covering Windows Server® 2008 R2 and Windows 7
  • File System Forensic Analysis
  • Stealing the Network: How to Own a Continent