Members Get 10% Off and Earn Rewards Find Out More
Applied Network Security Monitoring: Collection, Detection, and Analysis

Applied Network Security Monitoring: Collection, Detection, and Analysis

by Chris Sanders, Jason Smith
Applied Network Security Monitoring: Collection, Detection, and Analysis
Add to Wishlist
ISBN-10:
0124172083
ISBN-13:
9780124172081
Pub. Date:
12/05/2013
Publisher:
Elsevier Science
ISBN-10:
0124172083
ISBN-13:
9780124172081
Pub. Date:
12/05/2013
Publisher:
Elsevier Science
Applied Network Security Monitoring: Collection, Detection, and Analysis

Applied Network Security Monitoring: Collection, Detection, and Analysis

by Chris Sanders, Jason Smith

Overview

Applied Network Security Monitoring is the essential guide to becoming an NSM analyst from the ground up. This book takes a fundamental approach to NSM, complete with dozens of real-world examples that teach you the key concepts of NSM.

Network security monitoring is based on the principle that prevention eventually fails. In the current threat landscape, no matter how much you try, motivated attackers will eventually find their way into your network. At that point, it is your ability to detect and respond to that intrusion that can be the difference between a small incident and a major disaster.

The book follows the three stages of the NSM cycle: collection, detection, and analysis. As you progress through each section, you will have access to insights from seasoned NSM professionals while being introduced to relevant, practical scenarios complete with sample data.

If you've never performed NSM analysis, Applied Network Security Monitoring will give you an adequate grasp on the core concepts needed to become an effective analyst. If you are already a practicing analyst, this book will allow you to grow your analytic technique to make you more effective at your job.

Product Details

ISBN-13: 9780124172081
Publisher: Elsevier Science
Publication date: 12/05/2013
Edition description: New Edition
Pages: 496
Product dimensions: 7.40(w) x 9.10(h) x 1.20(d)

About the Author

Chris Sanders is a technology consultant, author, and trainer. Chris serves as senior information security analyst for the Department of Defense as contracted through EWA Government Systems, Inc. In this role Chris is responsible for the management of a team of intrusion detection system analysts examining public and classified networks. His book Practical Packet Analysis is widely respected as one of the best practical use books on its topic and has sold several thousand copies internationally. Along with this, Chris has written and co-written hundreds of articles on the topics centered on network security, packet analysis, intrusion detection, and general network administration. Chris also serves as a SANS mentor training students on intrusion detection in-depth and incident handling.

In 2008, Chris founded the Rural Technology Fund. The RTF is a 501(c)(3) non-profit organization designed to provide scholarship opportunities to students from rural areas pursuing careers in computer technology. The organization also promotes technology advocacy in rural areas through various support programs.

You can read more about Chris on his personal blog located at http://www.chrissanders.org where he posts information regarding his latest projects as well as various technical articles and product reviews

Table of Contents

  1. Introduction to NSM
  2. Driving Data Collection
  3. The Sensor Platform
  4. Full Packet Capture Data
  5. Session Data
  6. Protocol Metadata
  7. Statistical Data
  8. Indicators of Compromise
  9. Target-Based Detection
  10. Signature-Based Detection with Snort
  11. Signature-Based Detection with Suricata
  12. Anomaly-Based Detection with Bro
  13. Early Warning AS&W with Honeypots
  14. Packet Analysis
  15. Friendly Intelligence
  16. Hostile Intelligence
  17. Differential Diagnosis of NSM Events
  18. Incident Morbidity and Mortality
  19. Malware Analysis for NSM

What People are Saying About This

From the Publisher

The essential guide to becoming an NSM analyst from the ground up

From the B&N Reads Blog
Page 1 of

Related Subjects

Computers
Networking & Telecommunications
Security - Computer Networks
Computers
Networking & Telecommunications
Security - Computer Networks

Customer Reviews