This book teaches readers how to use network security monitoring (NSM) to add a robust layer of protection around their networks. It covers deploying, building, and running an NSM operation using open source software and vendor-neutral tools, and shows how to interpret network evidence from server-side and client-side intrusions. Readers will learn how to determine where to deploy NSM platforms, deploy stand-alone or distributed NSM installations, use command line and graphical packet analysis tools, and integrate threat intelligence into NSM software to identify sophisticated adversaries. The book provides a comprehensive guide to building a security net to detect, contain, and control attacks, and is suitable for readers with no prior experience.
FEATURES
SIMILAR TOOLS
A comprehensive guide to incident response, providing effective techniques for responding to advanced attacks against local and remote network resources.
INE Security offers a range of cybersecurity certifications, including penetration testing, mobile and web application security, and incident response.
A repository of cybersecurity conference presentation slides from Black Hat, Offensivecon, and REcon.
A comprehensive guide to developing an incident response capability through intelligence-based threat hunting, covering theoretical concepts and real-life scenarios.
A comprehensive guide to digital forensics and incident response, covering incident response frameworks, digital forensic techniques, and threat intelligence.
A comprehensive guide to using Metasploit, including searching for modules, specifying exploits and payloads, and using auxiliary modules.
Comprehensive security training platform for web developers, offering hands-on experience with real, vulnerable applications and concrete advice for securing code.
A practical guide to developing a comprehensive security monitoring and incident response strategy, covering incident response fundamentals, threat analysis, and data analysis.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.