This book teaches readers how to use network security monitoring (NSM) to add a robust layer of protection around their networks. It covers deploying, building, and running an NSM operation using open source software and vendor-neutral tools, and shows how to interpret network evidence from server-side and client-side intrusions. Readers will learn how to determine where to deploy NSM platforms, deploy stand-alone or distributed NSM installations, use command line and graphical packet analysis tools, and integrate threat intelligence into NSM software to identify sophisticated adversaries. The book provides a comprehensive guide to building a security net to detect, contain, and control attacks, and is suitable for readers with no prior experience.
SIMILAR TOOLS
A repository of CTF challenges and resources from various cybersecurity competitions.
Comprehensive cheat sheet for SQLite SQL injection techniques and payloads.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Deliberately vulnerable CI/CD environment with 11 challenges to practice security.
ENISA Training Resources offers online training material for cybersecurity specialists, covering technical areas such as artefact handling and analysis.
A network of physical and online cyber warfare ranges for training and testing.
A cybersecurity challenge where you play the role of an incident response consultant investigating an intrusion at Precision Widgets of North Dakota.
A blog post discussing the differences between Solaris Zones, BSD Jails, VMs, and containers, with the author arguing that containers are not a real thing.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.