13. Analyst Training Program

Tools are helpful, but they're only as effective as the people who wield them. This chapter suggests skills needed to perform NSM. These ideas are based on my experiences leading and training analysts in military and commercial settings. The ultimate goal is to produce a security professional—a person on the path to awareness of all aspects of network security. Because this book addresses NSM, in this chapter I emphasize skills for identifying and validating network traffic.

While it's possible to achieve some success performing NSM without becoming a security professional, appreciation for these principles promotes enduring success. It's not enough to focus on decoding packet traces and inspecting odd TCP flags. ...
