Reddit Reddit reviews The Tao of Network Security Monitoring: Beyond Intrusion Detection

We found 6 Reddit comments about The Tao of Network Security Monitoring: Beyond Intrusion Detection. Here are the top ones, ranked by their Reddit score.

Computers & Technology
Books
Computer & Technology Certification Guides
CompTIA
The Tao of Network Security Monitoring: Beyond Intrusion Detection
Check price on Amazon

6 Reddit comments about The Tao of Network Security Monitoring: Beyond Intrusion Detection:

u/[deleted] · 18 pointsr/netsec

It really depends on what niche you're looking on covering. It's difficult, I feel, to brush up on "infosec" to any level of practical proficiency without focusing on a few subsets. Based on your interests, I would recommend the following books.

General Hacking:

Hacking Exposed

The Art of Exploitation

The Art of Deception



Intrusion Detection / Incident Response:

Network Flow Analysis

The Tao of Network Security Monitoring

Practical Intrusion Analysis

Real Digital Forensics


Reverse Engineering:

Reversing: Secrets of Reverse Engineering

The Ida Pro Book

Malware Analyst Cookbook

Malware Forensics



Digital Forensics:

File System Forensic Analysis

Windows Forensic Analysis

Real Digital Forensics

The Rootkit Arsenal


Hope this helps. If you're a University student, you might have access to Safari Books Online, which has access to almost all of these books, and more. You can also purchase a personal subscription for like $23 a month. It's a bit pricey, but they have an awesome library of technical books.

u/Julznova · 4 pointsr/netsecstudents

One book my technical lead gave me when I first started in a junior position is https://www.amazon.com/Tao-Network-Security-Monitoring-Intrusion/dp/0321246772/ Essential reading.

u/0x7262 · 3 pointsr/AskNetsec

the tao of network security monitoring explains a framework for stitching together different pieces of network security data into a process for investigation (the follow-up is also good).

yes, the thing you want is called 'full packet', and yes, it usually involves just sniffing, saving, and indexing all traffic at your network ingress/egress. there's some good open source frameworks like moloch for doing that, or if you've got money kicking around, something like solera or netwitness will do the trick nicely.

u/ftnwo · 2 pointsr/AskNetsec

I missed your bit about books and training question- try checking out some stuff like this http://www.amazon.com/The-Tao-Network-Security-Monitoring/dp/0321246772

u/markjx · 2 pointsr/netsecstudents

There's a new SANS class on Security Architecture: http://www.sans.org/sec530

I also suggest Richard Bejtlich's book, The Tao of Network Security Monitoring. It isn't specifically on "security architecture", but it does talk about how to architect your network, which is basically the same thing. https://smile.amazon.com/Tao-Network-Security-Monitoring-Intrusion/dp/0321246772/

u/oregonsysadmin · 1 pointr/AskNetsec

I believe I've heard good things about The Tao of Network Security Monitoring, but haven't had a chance to read it myself. In the description lists a few other books the author recommends.