#1,112 in Computers & technology books
Reddit mentions of The Tao of Network Security Monitoring: Beyond Intrusion Detection
Sentiment score: 3
Reddit mentions: 6
We found 6 Reddit mentions of The Tao of Network Security Monitoring: Beyond Intrusion Detection. Here are the top ones.
Specs:
Height | 9 inches
Length | 7 inches
Number of items | 1
Weight | 2.85 pounds
Width | 1.75 inches
It really depends on what niche you're looking on covering. It's difficult, I feel, to brush up on "infosec" to any level of practical proficiency without focusing on a few subsets. Based on your interests, I would recommend the following books.
General Hacking:
Hacking Exposed
The Art of Exploitation
The Art of Deception
Intrusion Detection / Incident Response:
Network Flow Analysis
The Tao of Network Security Monitoring
Practical Intrusion Analysis
Real Digital Forensics
Reverse Engineering:
Reversing: Secrets of Reverse Engineering
The IDA Pro Book
Malware Analyst's Cookbook
Malware Forensics
Digital Forensics:
File System Forensic Analysis
Windows Forensic Analysis
Real Digital Forensics
The Rootkit Arsenal
Hope this helps. If you're a University student, you might have access to Safari Books Online, which has access to almost all of these books, and more. You can also purchase a personal subscription for like $23 a month. It's a bit pricey, but they have an awesome library of technical books.
One book my technical lead gave me when I first started in a junior position is https://www.amazon.com/Tao-Network-Security-Monitoring-Intrusion/dp/0321246772/ Essential reading.
The Tao of Network Security Monitoring explains a framework for stitching together different pieces of network security data into a process for investigation (the follow-up is also good).
Yes, the thing you want is called 'full packet', and yes, it usually involves just sniffing, saving, and indexing all traffic at your network ingress/egress. There are some good open-source frameworks like Moloch for doing that, or if you've got money kicking around, something like Solera or NetWitness will do the trick nicely.
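The comments above describe full packet capture as "sniffing, saving, and indexing" everything at the network edge, and the book as a way to stitch that data into an investigation. As an added example (not code from the page, the commenters, Moloch, or Bejtlich's book), the Python below shows what the "indexing" step looks like at its smallest scale: it walks a pcap file, records the byte offset of every packet under its TCP/UDP flow key, and lets an investigator pull the packets for one host or one flow without re-reading the whole capture. It assumes classic little-endian libpcap format with Ethernet framing and IPv4; the capture itself is constructed inline with made-up addresses so the script runs offline.

```python
"""Index a full-packet capture (pcap) by TCP/UDP flow.

Added example for this page, not from the original post or from the book.
Assumptions: classic libpcap file format (little-endian magic 0xa1b2c3d4),
Ethernet link type, IPv4 with TCP or UDP. The sample capture is constructed
below; the hosts and ports in it are made up.
"""
import struct
from collections import defaultdict

# magic, ver_major, ver_minor, thiszone, sigfigs, snaplen, linktype
PCAP_GLOBAL_HDR = struct.Struct("<IHHiIII")
# ts_sec, ts_usec, incl_len, orig_len
PCAP_REC_HDR = struct.Struct("<IIII")
ETH_HDR_LEN = 14
LINKTYPE_ETHERNET = 1


def ipv4(b):
    return ".".join(str(x) for x in b)


def parse_packet(frame):
    """Return (proto, src, sport, dst, dport) for an IPv4 TCP/UDP frame, else None."""
    if len(frame) < ETH_HDR_LEN + 20:
        return None
    if struct.unpack_from("!H", frame, 12)[0] != 0x0800:   # not IPv4
        return None
    ip = frame[ETH_HDR_LEN:]
    ihl = (ip[0] & 0x0F) * 4
    if ip[0] >> 4 != 4 or ihl < 20 or len(ip) < ihl + 4:
        return None
    proto = ip[9]
    if proto not in (6, 17):                                 # TCP or UDP only
        return None
    sport, dport = struct.unpack_from("!HH", ip, ihl)
    return ("tcp" if proto == 6 else "udp", ipv4(ip[12:16]), sport, ipv4(ip[16:20]), dport)


def index_pcap(data):
    """Walk a pcap byte string; return {flow_key: [(record_offset, timestamp, length), ...]}.

    The offset is the position of the pcap record header, so a later lookup can
    seek straight to the packet instead of re-parsing the capture.
    """
    magic, _, _, _, _, _, linktype = PCAP_GLOBAL_HDR.unpack_from(data, 0)
    if magic != 0xA1B2C3D4 or linktype != LINKTYPE_ETHERNET:
        raise ValueError("unsupported pcap: expected little-endian magic and Ethernet link type")
    index = defaultdict(list)
    off = PCAP_GLOBAL_HDR.size
    while off + PCAP_REC_HDR.size <= len(data):
        ts_sec, ts_usec, incl_len, _ = PCAP_REC_HDR.unpack_from(data, off)
        start = off + PCAP_REC_HDR.size
        frame = data[start:start + incl_len]
        if len(frame) < incl_len:
            break  # truncated capture (sensor died mid-write): stop rather than index garbage
        key = parse_packet(frame)
        if key is not None:
            index[key].append((off, ts_sec + ts_usec / 1e6, incl_len))
        off = start + incl_len
    return dict(index)


def packets_for(index, host):
    """Investigation side: every indexed packet touching one host, in capture order."""
    hits = [rec for key, recs in index.items() if host in (key[1], key[3]) for rec in recs]
    return sorted(hits)


def extract_packet(data, offset):
    """Seek to one indexed record and return the raw frame bytes."""
    _, _, incl_len, _ = PCAP_REC_HDR.unpack_from(data, offset)
    start = offset + PCAP_REC_HDR.size
    return data[start:start + incl_len]


# --- constructed sample capture (test data only; checksums left as zero) ---
def build_frame(proto, src, sport, dst, dport, payload=b""):
    if proto == "tcp":   # seq, ack, data offset 5 words, flags PSH|ACK, window, csum, urg
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0)
    else:                # UDP: ports, length, checksum
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    total = 20 + len(l4) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 1, 0, 64, 6 if proto == "tcp" else 17, 0,
                     bytes(int(x) for x in src.split(".")), bytes(int(x) for x in dst.split(".")))
    return b"\x00" * 12 + b"\x08\x00" + ip + l4 + payload


def build_pcap(frames):
    out = PCAP_GLOBAL_HDR.pack(0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for i, f in enumerate(frames):
        out += PCAP_REC_HDR.pack(1700000000 + i, 0, len(f), len(f)) + f
    return out


SAMPLE_PCAP = build_pcap([
    build_frame("tcp", "10.0.0.5", 51000, "203.0.113.7", 443, b"\x16\x03\x01"),
    build_frame("tcp", "203.0.113.7", 443, "10.0.0.5", 51000, b"\x16\x03\x03"),
    build_frame("udp", "10.0.0.5", 53000, "10.0.0.2", 53, b"\x12\x34"),
    build_frame("tcp", "10.0.0.5", 51000, "203.0.113.7", 443, b"\x17\x03\x03"),
])

if __name__ == "__main__":
    idx = index_pcap(SAMPLE_PCAP)
    for key, recs in idx.items():
        print(f"{key[0]} {key[1]}:{key[2]} -> {key[3]}:{key[4]}  packets={len(recs)}")
    for off, ts, length in packets_for(idx, "203.0.113.7"):
        print(f"  offset={off} ts={ts:.0f} len={length} first_bytes={extract_packet(SAMPLE_PCAP, off)[:4].hex()}")
```

A real sensor would write the index to disk alongside the rotating pcap files and add more than the 5-tuple (first/last timestamp, byte counts, direction), but the shape is the same: the full-content store is write-once, and the index is what turns "we captured everything" into "show me this host's traffic at 03:12".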
I missed your bit about the books and training question; try checking out some stuff like this: http://www.amazon.com/The-Tao-Network-Security-Monitoring/dp/0321246772
There's a new SANS class on Security Architecture: http://www.sans.org/sec530
I also suggest Richard Bejtlich's book, The Tao of Network Security Monitoring. It isn't specifically on "security architecture", but it does talk about how to architect your network, which is basically the same thing. https://smile.amazon.com/Tao-Network-Security-Monitoring-Intrusion/dp/0321246772/
I believe I've heard good things about The Tao of Network Security Monitoring, but haven't had a chance to read it myself. The description lists a few other books the author recommends.