"We share the challenges you face; we're on the hook for security, and have to prioritize resources to make it happen," write Nystrom and Fry. They've based their book on their years of experience conducting incident response to keep Cisco's global network secure.
"We like reading authentic books—the ones that don't try to sell us gear or consulting services—and we've endeavored to write this book with that angle," they explain. "This book aims to share our experience, successes, and failures to improve security monitoring with targeted techniques."
Security Monitoring offers six steps to improve network monitoring, which will help readers:
- Develop Policies: define rules, regulations, and monitoring criteria
- Know Your Network: build knowledge of your infrastructure with network telemetry
- Select Your Targets: define the subset of infrastructure to be monitored
- Choose Event Sources: identify event types needed to discover policy violations
- Feed and Tune: collect data, generate alerts, and tune systems using contextual information
- Maintain Dependable Event Sources: prevent critical gaps in collecting and monitoring events
Security Monitoring illustrates these steps with detailed examples designed to help readers learn to select and deploy the best techniques for monitoring their own enterprise networks.
This book is from practitioners for practitioners. The authors are approaching the topic of security monitoring from a very practical and hands-on perspective.
– Raffael Marty, chief security strategist, Security Visualization
For a review copy or more information please email firstname.lastname@example.org. Please include your delivery address and contact information.
Chris Fry a security investigator for Cisco Systems Computer Security Incident Response Team (CSIRT), joined Cisco in 1997 as an IT analyst specializing in production services support. He spent four years as a network engineer within Cisco IT gaining enterprise network knowledge and a unique insight into monitoring production networks
Martin Nystrom is a Member of Technical Staff (MTS) for the Computer Security Incident Response Team (CSIRT) at Cisco Systems. He leads the global security monitoring team and provides guidance for incident response and security initiatives.
For more information about the book, including table of contents, index, author bios, and cover graphic, see: http://www.oreilly.com/catalog/9780596518165
Chris Fry, Martin Nystrom
ISBN: 9780596518165, 246 pages, Book Price: $44.99 USD, £34.50 GBP
PDF Price: $35.99 USD
O’Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O’Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying “faint signals” from the alpha geeks who are creating the future. An active participant in the technology community, the company has a long history of advocacy, meme-making, and evangelism.