Foreword

Learning how to build and operate a network security monitoring infrastructure is a daunting task. Chris Sanders and his team of authors have crafted a framework for NSM, and provide the reader with a codified plan to put network security monitoring into practice.

Medium and large organizations are being crushed by the amount of data they are collecting. With event counts exceeding 100 million events in some instances, having a monitoring infrastructure and standard operating procedures that can scale is critical.

Seek and ye shall find: the inverse is also true. It makes no sense to collect data, and potentially even do the detection, but skip on the analysis. This book you hold in your hands gives you the keys to each of the steps ...