Martin G. Nystrom

Martin G. Nystrom

Senior Manager, Cisco Active Threat Analytics

Research Triangle Park, North Carolina

Areas of Expertise:

  • security incident response
  • breach detection
  • cyber investigations
  • cyber threat intelligence application
  • network security
  • system security
  • web security
  • speaking
  • training
  • writing
Martin G. Nystrom is the senior manager for Cisco's Active Threat Analytics managed security service. From SOCs in the US, APAC, and EMEAR, Martin's team provides 24x7 expert monitoring and investigation to detect and contain advanced cyber security threats on customer networks. As part of his role, Martin provides guidance for incident response and security initiative to executive customers. Martin built his security career by providing security architecture guidance for enterprise projects. Once he saw that the real fun was in discovering, hunting, and responding to cyber breaches, Martin became one of the founding members of Cisco CSIRT, leading and developing the team toward global SOC coverage and advanced tooling as a premiere CERT. He received a bachelor's degree from Iowa State University, a master's degree from NC State University, and maintains a CISSP certification since 2004. He is the author of O'Reilly's SQL Injection Defenses, and co-author of Security Monitoring. He is a frequent conference speaker, and was honored on the Java One Rock Star Wall of Fame. He enjoys speaking at FIRST and Cisco Live (formerly Cisco Networkers) conferences. Most of Martin's papers and presos can be found on his web site at

Security Monitoring Security Monitoring
by Chris Fry, Martin G. Nystrom
February 2009
Print: $44.99
Ebook: $35.99

SQL Injection Defenses SQL Injection Defenses
by Martin G. Nystrom
March 2007
Ebook: $9.99

Webcast: Security Monitoring
July 15, 2009
How well does your enterprise stand up against today's sophisticated security threats? In this webcast, security experts from Cisco Systems demonstrate how to detect damaging security incidents on your global network--first by teaching you which assets...

"For those looking for an across-the-board overview, Security Monitoring provides a very practical and real-world detailed perspective of how to create a security monitoring program that can deal with today’s exceedingly complex and sophisticated security threats."
--Ben Rothke, Security Management

"Examples offer specifics, not generalities, and provide all the keys to monitoring a network system in a pick highly recommended for any programmer's collection."
--James A. Cox, California Bookwatch: The Computer Shelf

"It isn't a text book, it isn't a light book to read at the airport and it isn't for those seeking an overview of network security. The book was never meant to be any of those things, it was written by techies to help other techies and in this respect, it fulfills its promise."
--Jonathan Newell, Pro Security Zone

"There are many good books that discuss the basics of systems administration. This is not one of those books. This book is much deeper and more specific and fills a niche that I think needed to be filled...I think this book belongs on the shelf of anyone who has any responsibility for the security of systems, whether that responsibility is ultimate or partial. There is a lot in here, and anyone working in the field is sure to benefit in some way from the information."
--Matthew Helmke,

"This is a great guide for the novice getting started in web development or the DBA who needs a quick reference to find specific information...And for 9.99 its worth every penny!"
--Frank Stepanski