THE PRACTICE OF NETWORK SECURITY MONITORING

Network Security Monitoring (NSM) is the the collection, analysis, and escalation of indications and warnings to detect and respond to intrusions. The Practice of Network Security Monitoring teaches IT and security staff how to leverage powerful NSM tools and concepts to identify threats quickly and effectively. Author Richard Bejtlich is a recognized expert in NSM and shares his 15 years of incident handling experience with the reader. In addition to teaching you how to use key monitoring tools, Bejtlich demonstrates a holistic way of thinking about detecting, responding to, and containing intruders. The Practice of Network Security Monitoring assumes no prior experience with network security monitoring, and covers designing, deploying, building, and running an NSM operation. The book focuses on open source software and vendor-neutral tools, avoiding costly and inflexible solutions.