Applied Network Security Monitoring: Collection, Detection, and Analysis [Kindle Edition]

Chris Sanders, Jason Smith

Kindle price: EUR 29,10 incl. VAT and free wireless delivery via Amazon Whispernet


Other editions (Amazon price)

Kindle Edition: EUR 29,10
Paperback: EUR 38,47



"... an extremely informative dive into the realm of network security data collection and analysis...well organized and thought through...I have only positive comments from my study." -The Ethical Hacker Network, Oct 31, 2014


Applied Network Security Monitoring is the essential guide to becoming an NSM analyst from the ground up. This book takes a fundamental approach to NSM, complete with dozens of real-world examples that teach you the key concepts of NSM.

Network security monitoring is based on the principle that prevention eventually fails. In the current threat landscape, no matter how much you try, motivated attackers will eventually find their way into your network. At that point, it is your ability to detect and respond to that intrusion that can be the difference between a small incident and a major disaster.

The book follows the three stages of the NSM cycle: collection, detection, and analysis. As you progress through each section, you will have access to insights from seasoned NSM professionals while being introduced to relevant, practical scenarios complete with sample data.

If you've never performed NSM analysis, Applied Network Security Monitoring will give you an adequate grasp on the core concepts needed to become an effective analyst. If you are already a practicing analyst, this book will allow you to grow your analytic technique to make you more effective at your job.

  • Discusses the proper methods for data collection, and teaches you how to become a skilled NSM analyst
  • Provides thorough hands-on coverage of Snort, Suricata, Bro-IDS, SiLK, and Argus
  • Loaded with practical examples containing real PCAP files you can replay, and uses Security Onion for all its lab examples
  • Companion website includes up-to-date blogs from the authors about the latest developments in NSM


  • Format: Kindle Edition
  • File size: 7425 KB
  • Print length: 496 pages
  • Publisher: Syngress; 1st edition (26 November 2013)
  • Sold by: Amazon Media EU S.à r.l.
  • Language: English
  • Text-to-Speech: Enabled
  • X-Ray:
  • Word Wise: Not enabled
  • Amazon Bestsellers Rank: #248.255 Paid in Kindle Store

Most helpful customer reviews

5 of 5 customers found the following review helpful
5.0 out of 5 stars Written by Analysts for Analysts. 27 March 2014
By Danny Akacki
Format: Paperback | Verified purchase
Here's what you need to know about Applied NSM.

1. It's an amazingly easy read.

Those of us who have ever been forced into digesting anything ever published by Cisco Press know easy to read textbooks are diamonds in the rough. It's clear the authors of Applied NSM went to great lengths to be as technically thorough as possible while maintaining an easy, entertaining and conversational tone throughout the book. It's the anti "Makes Me Want To Bash My Face Into My Desk Just To Stay Awake" book.

2. The right tool for the job but...

The goal of any analyst is simple but crucial, find evil by any means necessary. To that end you need better weapons than your adversary. In this book Security Onion is your arsenal and the authors perform a deep dive into all the wonderful toys Security Onion has to offer. The tools listed within the pages of this book are your ticket to a better way to find the badness lurking on your client's network. That being said...

3. alone will not save you and the authors know it.

Of all the weapons at your disposal in the never-ending hunt for evil, unequivocally the most important is that big spongy thing between your ears. This book isn't just a stack of man pages with a fancy cover thrown on, it provides valuable insight and guidance to aid your own unique thought process and hunting style. On that topic, a special note...

4. Get your mind right.

Chapter 15 "The Analysis Process" should be required reading for both every newbie working in a SOC and every jaded veteran. This chapter could be its own book and if I have any complaint about Applied NSM it's that this chapter wasn't long enough for me. It's so absolutely crucial I recommend you read it first, then read it again. If you buy the book for no other reason, buy it for Chapter 15.

So that's it, whether you're a n00b looking to find his footing in this industry or a battle tested warrior looking for new ways to catch the bad guys, Applied Network Security Monitoring is an absolute must have. Good hunting!

3 of 3 customers found the following review helpful
5.0 out of 5 stars Great book on Network Security Monitoring 2 February 2014
By Ryan Stillions
Format: Kindle Edition | Verified purchase
I’m a long time NSM practitioner and I work with Smith & Bianco.
Chris was gracious enough to provide me with a PDF copy of the book for review.
- - - -

Applied NSM is a powerhouse of practitioner knowledge. Divided into three primary sections (Collection, Detection, & Analysis) ANSM focuses on the key staples necessary for establishing a successful NSM program and how to get up and running.

The book weighs in at an impressive 465 pages (including appendixes). However, depending on the reader's familiarity with NSM and exposure to other related works on the subject, there could be some overlap.

The areas I found most valuable that contributed new concepts to my “NSM library” included:

Chapter 2’s discussion on the Applied Collection Framework
Chapter 4’s coverage of SiLK for analysis of flow data
Chapter 6’s coverage of LogStash and Kibana
Chapter 10’s coverage on Bro
Chapter 11’s coverage on Anomaly based detection via SiLK tools
Appendix 3 makes for a handy desk side reference if you work with raw packet captures on a daily basis.

For these sections alone, ANSM makes it well worth the purchase and addition to your collection. Speaking of which, all of the proceeds from this book go to several charities, and after having initially reviewed it for free, I still decided to purchase a copy on Kindle to have as a desk side reference and support such great causes.

Great job guys!

3 of 3 customers found the following review helpful
5.0 out of 5 stars Excellent guide for starting and expanding a Network Security Practice. 17 December 2013
By Wesley Allen
Great book! If you are totally new to the practice of NSM then all you need to get set up, capture some data and start doing some analysis is in here. If you are already doing some NSM work, then this will help you extend and expand into new areas. The authors focus on open source / free programs and utilities, so the only cost to start an IDS is some hardware and your time.

I have been doing security for awhile, but not much focused intrusion detection before my current position. This book really helped "fill in the gaps" in my knowledge of NSM and give me a push in the right direction as far as using SiLK and a couple of the other tools. There is more than enough info to get started, but not too much that would be overly specific to a given setup, so it is still up to you to do a bit of research and dig deeper into the areas that the book introduces that you might want to use in your day to day work. You do need to have the basics of networking, security and TCP/UDP/IP down first, but they do a good job starting slow and building up.

I read through the book pretty quickly to pick up the areas I want to work in more, and will continue to use it as a reference in my work.

2 of 2 customers found the following review helpful
5.0 out of 5 stars Well worth your time 3 April 2014
By Michael W Lucas
Format: Kindle Edition
Some of Applied Network Security Monitoring will be very familiar to anyone who has read any other security book–I’ve read many times that risk equals impact times probability. Every book on this topic needs this information, however, and Sanders and company cover it in sufficient detail to ground a probie while letting the rest of us easily skim it as a refresher.

Then they take us through selecting data collection points and how they make decisions on where to collect data and what kind of data to collect. Ideally, of course, you collect full packet data everywhere, but in my semi-rural gigabit ISP world I don’t have enough electricity to spin that much disk. Where can you get by with session data, and where do you need full packet capture? ANSM takes you through the choices and the advantages and disadvantages of each, along with some guidance on the hardware needs.

Data is nice, but it’s what you do with the data that makes security analysis interesting. ANSM uses Security Onion as an underlying toolkit. Security Onion is huge, and contains myriad tools for any given purpose. There’s reasons for this–no one NSM tool is a perfect fit for all environments. ANSM chooses their preferred tools, such as Snort, Bro, and SiLK, and takes you through configuring and using them on the SO platform. Their choices give you honeypots and log management and all the functionality you expect.

Throughout the book you’ll find business and tactical advice. How do you organize a security team? How do you foster teamwork, retain staff, and deal with arrogant dweebs such as yours truly? (As an aside, ANSM contains the kindest and most business-driven description of the “give the arrogant guy enough rope to hang himself” tactic that I have ever read.) I’ve been working with the business side of IT for decades now, and ANSM taught me new tricks.

The part of the book that I found most interesting was the section on analysis. What is analysis, anyway? ANSM takes you through both differential analysis and relational analysis, and illustrates them with actual scenarios, actual data. Apparently I’m a big fan of differential diagnosis. I use it everywhere. For every problem. Fortunately, Sanders and crew include guidelines for when to try each type of analysis. I’ll have to try this “relational analysis” thing some time and see what happens.

Another interesting thing about ANSM is how it draws in lots of knowledge and examples from the medical field. Concepts like morbidity and mortality are very applicable to information technology in general, not just network security monitoring, and adding this makes the book both more useful and more interesting.

Applied Network Security Monitoring is a solid overview of the state of security analysis in 2014, and was well worth my time to read. It’s worth your time as well.

2 of 2 customers found the following review helpful
5.0 out of 5 stars Should be read by anyone starting or involved in network security monitoring! 11 July 2014
By Bryon Hundley
Another outstanding PRACTICAL approach by Chris Sanders accompanied by Jason Smith this round. This book should be required reading for all intrusion analysts and those looking to develop a security monitoring program. The ACF mentioned in the book should be the standard for building a data collection architecture in my opinion. Organizations use the "everything and the kitchen sink" approach all too often (like let's throw everything into Arcsight) without looking at what they should really be collecting and defining out the results that should be achieved.
I am also a strong believer and practitioner of the Threat Centric approach mentioned in the book. It seems the industry is turning in that direction and seeing threats for what they are instead of each falling into a neat category. It's the right approach and this book applies it in a practical manner that makes sense.