Friday, January 31, 2014

A Look at Applied NSM

After my interview with the authors of Applied Network Security Monitoring, lead author Chris Sanders was kind enough to provide me with a preview release of the book. If you haven't picked up a copy yet, I strongly recommend you do.

Applied NSM provides readers with a process for building a production-ready network monitoring system from the ground up. From building sensors, to tuning them, and ultimately to answering, "what do I do with this data and these alarms?", Sanders et al. have laid out a solid foundation for analysts entering the network security profession. Personally, I found the sections on Bro (duh) and open source intelligence the most beneficial. I felt Bianco's practical example of using Bro to monitor a netblock's unused IP space was a fantastic way to learn the basics of Bro scripting.

Not only is the book great reference material, all the proceeds go to charity, which is quite outstanding. Great job, guys!
