Data Engineering for Cybersecurity: Build Secure Data Pipelines with Free and Open-Source Tools
暫譯: 網路安全數據工程：使用免費和開源工具構建安全數據管道

Name: Data Engineering for Cybersecurity: Build Secure Data Pipelines with Free and Open-Source Tools
Price: 1748 TWD
Availability: OnlineOnly
Author: Bonifield, James
ISBN: 1718504020

Bonifield, James

出版商: No Starch Press
出版日期: 2025-08-26
售價: $1,840
貴賓價: 9.5 折 $1,748
語言: 英文
頁數: 344
裝訂: Quality Paper - also called trade paper
ISBN: 1718504020
ISBN-13: 9781718504028
相關分類: Message Queue、Penetration-test、Ansible

海外代購書籍(需單獨結帳)

商品描述

Turn raw logs into real intelligence.

Security teams rely on telemetry--the continuous stream of logs, events, metrics, and signals that reveal what's happening across systems, endpoints, and cloud services. But that data doesn't organize itself. It has to be collected, normalized, enriched, and secured before it becomes useful. That's where data engineering comes in.

In this hands-on guide, cybersecurity engineer James Bonifield teaches you how to design and build scalable, secure data pipelines using free, open source tools such as Filebeat, Logstash, Redis, Kafka, and Elasticsearch and more. You'll learn how to collect telemetry from Windows including Sysmon and PowerShell events, Linux files and syslog, and streaming data from network and security appliances. You'll then transform it into structured formats, secure it in transit, and automate your deployments using Ansible.

You'll also learn how to:

Encrypt and secure data in transit using TLS and SSH
Centrally manage code and configuration files using Git
Transform messy logs into structured events
Enrich data with threat intelligence using Redis and Memcached
Stream and centralize data at scale with Kafka
Automate with Ansible for repeatable deployments

Whether you're building a pipeline on a tight budget or deploying an enterprise-scale system, this book shows you how to centralize your security data, support real-time detection, and lay the groundwork for incident response and long-term forensics.

商品描述(中文翻譯)

將原始日誌轉化為真正的智慧。

安全團隊依賴於遙測——持續流動的日誌、事件、指標和信號，這些都揭示了系統、端點和雲服務中發生的事情。但這些數據不會自動組織起來。它必須在變得有用之前被收集、標準化、豐富和保護。這就是數據工程的作用。

在這本實用指南中，網路安全工程師 James Bonifield 教你如何使用免費的開源工具，如 Filebeat、Logstash、Redis、Kafka 和 Elasticsearch 等，設計和構建可擴展且安全的數據管道。你將學會如何從 Windows 收集遙測數據，包括 Sysmon 和 PowerShell 事件、Linux 文件和 syslog，以及來自網路和安全設備的串流數據。然後，你將把這些數據轉換為結構化格式，在傳輸過程中進行安全保護，並使用 Ansible 自動化你的部署。

你還將學會如何：

使用 TLS 和 SSH 加密和保護傳輸中的數據

使用 Git 集中管理代碼和配置文件

將雜亂的日誌轉換為結構化事件

使用 Redis 和 Memcached 豐富數據的威脅情報

使用 Kafka 以大規模串流和集中數據

使用 Ansible 自動化可重複的部署

無論你是在緊縮預算下構建管道，還是在部署企業級系統，本書都將教你如何集中你的安全數據，支持實時檢測，並為事件響應和長期取證奠定基礎。

作者簡介

James Bonifield has over a decade of experience analyzing malicious activity, implementing data pipelines, and training others in the security industry. He has built enterprise-scale log solutions, automated detection workflows, and led analyst teams investigating major cyber threat actors. Bonifield holds numerous certifications and enjoys spending time with his family, traveling, and tinkering with all things security and Python related.