Applied Network Security Monitoring: Collection, Detection, and Analysis (Paperback)

Chris Sanders, Jason Smith

  • 出版商: Syngress Media
  • 出版日期: 2013-12-05
  • 售價: $1,850
  • 貴賓價: 9.5$1,758
  • 語言: 英文
  • 頁數: 496
  • 裝訂: Paperback
  • ISBN: 0124172083
  • ISBN-13: 9780124172081
  • 相關分類: 資訊安全
  • 海外代購書籍(需單獨結帳)

買這商品的人也買了...

商品描述

Applied Network Security Monitoring is the essential guide to becoming an NSM analyst from the ground up. This book takes a fundamental approach, complete with real-world examples that teach you the key concepts of NSM. 

Network security monitoring is based on the principle that prevention eventually fails. In the current threat landscape, no matter how much you try, motivated attackers will eventually find their way into your network. At that point, your ability to detect and respond to that intrusion can be the difference between a small incident and a major disaster.

The book follows the three stages of the NSM cycle: collection, detection, and analysis. As you progress through each section, you will have access to insights from seasoned NSM professionals while being introduced to relevant, practical knowledge that you can apply immediately.

  • Discusses the proper methods for planning and executing an NSM data collection strategy
  • Provides thorough hands-on coverage of Snort, Suricata, Bro-IDS, SiLK, PRADS, and more
  • The first book to define multiple analysis frameworks that can be used for performing NSM investigations in a structured and systematic manner
  • Loaded with practical examples that make use of the Security Onion Linux distribution
  • Companion website includes up-to-date blogs from the authors about the latest developments in NSM, complete with supplementary book materials
If you've never performed NSM analysis, Applied Network Security Monitoring will help you grasp the core concepts needed to become an effective analyst. If you are already working in an analysis role, this book will allow you to refine your analytic technique and increase your effectiveness.

You will get caught off guard, you will be blind sided, and sometimes you will lose the fight to prevent attackers from accessing your network. This book is about equipping you with the right tools for collecting the data you need, detecting malicious activity, and performing the analysis that will help you understand the nature of an intrusion. Although prevention can eventually fail, NSM doesn't have to.

** Note: All author royalties from the sale of Applied NSM are being donated to a number of charities selected by the authors.

商品描述(中文翻譯)

《應用網路安全監控》是一本從基礎開始成為NSM分析師的必備指南。本書以基本的方法為基礎,並提供實際案例,教授您NSM的關鍵概念。

網路安全監控是基於預防最終失敗的原則。在當前的威脅環境中,無論您如何努力,有動機的攻擊者最終都會找到進入您的網路的方法。此時,您檢測和回應入侵的能力可能成為小事件和重大災難之間的區別。

本書遵循NSM循環的三個階段:收集、檢測和分析。隨著您進入每個部分,您將獲得經驗豐富的NSM專業人員的見解,同時介紹您可以立即應用的相關實用知識。

- 討論規劃和執行NSM數據收集策略的正確方法
- 提供對Snort、Suricata、Bro-IDS、SiLK、PRADS等工具的全面實踐覆蓋
- 第一本定義了多種分析框架的書籍,可用於以結構化和系統化的方式進行NSM調查
- 充滿實用示例,利用Security Onion Linux發行版
- 附帶網站包括作者關於NSM最新發展的博客,以及補充書籍材料

如果您從未進行過NSM分析,《應用網路安全監控》將幫助您掌握成為有效分析師所需的核心概念。如果您已經在分析角色中工作,本書將幫助您完善分析技巧並提高效率。

您將會被措手不及,您將會被偷襲,有時您將無法阻止攻擊者訪問您的網路。本書旨在為您提供收集所需數據、檢測惡意活動和進行分析的正確工具,以幫助您了解入侵的性質。儘管預防最終可能失敗,但NSM不必如此。

**註:《應用網路安全監控》的所有作者版稅將捐贈給作者選擇的多個慈善機構。**