Friday, October 4, 2013

Book Release – The Practice of Network Security Monitoring


No Starch Press has released The Practice of Network Security Monitoring, authored by Richard Bejtlich, who is the Chief Security Officer at Mandiant.

In a world of ubiquitous connectivity, everyone’s information is at risk. State-sponsored digital spies, organized crime syndicates, and hacktivists seek to steal, profit from, and disrupt that information. Security technologies to stop intruders have largely failed. Can anything be done?...

Richard Bejtlich’s answer to this question is yes. Since 1998, Bejtlich has defended networks from digital intruders. He’s seen attacks against the United States military, government agencies, Internet service providers, telecommunications carriers, universities, manufacturers, and more.

To combat these intrusions, Bejtlich developed a methodology called network security monitoring (NSM). Bejtlich based NSM on his experience as an intelligence officer and computer network defender in the United States Air Force, and proved its worth in the years following his military service.

NSM is a powerful way to detect, respond to, and control intrusions on networks large and small, using open source software and industry-leading practices.

In his new book, The Practice of Network Security Monitoring (No Starch Press, July 2013, 376 pages, $49.95, ISBN 9781593275099), Bejtlich explains how to prevail against intruders: catch them before they cause damage, using an assortment of network-centric tools and techniques.

Kevin Mandia, CEO of Mandiant, calls the book “a critical resource for those tasked with safeguarding corporate secrets from unlawful, unauthorized, or unacceptable activities.”

Readers of The Practice of Network Security Monitoring will learn how to:

  1. Determine where to deploy NSM platforms, and size them for the monitored networks
  2. Deploy stand-alone or distributed NSM installations
  3. Use command line and graphical packet analysis tools and NSM consoles
  4. Collect, analyze, and escalate indications and warnings when running a Computer Incident Response Team
  5. Interpret network evidence from server-side and client-side intrusions
  6. Extend NSM software to integrate threat intelligence to identify sophisticated threats

There’s no foolproof way to keep attackers out of networks; determined attackers will get in eventually. NSM is designed to manage the inevitable, and The Practice of Network Security Monitoring will show readers how to build a security net to catch attackers before they inflict serious damage.
