Cyber Shelf

// Comparison

Applied Network Security Monitoring vs Sécurité et espionnage informatique: Which Should You Read?

Two cybersecurity books on Detection, compared honestly: who each is for, what each does best, and which to read first.

Intermediate
4/52013
Applied Network Security Monitoring

Collection, Detection, and Analysis

Chris Sanders, Jason Smith

A practitioner's walkthrough of building an NSM capability end to end, from deciding what to collect through detection and the analysis workflow that ties it together. The tooling is dated, but the way it teaches you to think about monitoring is not.

Advanced
4/52015
Sécurité et espionnage informatique

Connaissance de la menace APT et du cyberespionnage

Cédric Pernet

A technical French guide to advanced persistent threats and cyber-espionage — how APT campaigns work, how to detect them, and how to defend — by one of France's APT specialists.

Read this if

SOC analysts and aspiring detection engineers who want a structured mental model for collection, detection, and analysis rather than a pile of disconnected tooling tutorials.
Defenders, threat-intel analysts and SOC engineers who want to understand the APT kill chain, attacker tradecraft and detection, from a French practitioner who has hunted these groups.

Skip this if

Anyone hoping for a current toolkit. Skip this if you want hands-on Zeek/Suricata/Elastic configs you can paste today, the commands here have aged out.
Beginners without a security background; it assumes familiarity with networks and incident response, and is aimed at professional defenders.

Key takeaways

  • Collection is a deliberate decision, not a default. Decide what data matters before you drown in everything.
  • The book's split of detection into signature, anomaly, and statistical approaches still maps cleanly onto how modern stacks work.
  • Analysis is a discipline with a workflow, not improvised packet-staring, and that framing is the most durable thing here.
  • One of the first serious French books dedicated to APTs and cyber-espionage.
  • Practitioner-grounded: the attacker lifecycle and the detection/defence response, not vendor marketing.
  • A strong bridge between threat intelligence and hands-on detection engineering for French-speaking defenders.

How they compare

Applied Network Security Monitoring and Sécurité et espionnage informatique are both rated 4/5 in our catalog. Pick by topic preference and reading style rather than by rating.

Applied Network Security Monitoring is pitched at intermediate level. Sécurité et espionnage informatique is pitched at advanced level. Read the easier one first if you're not yet comfortable with the topic.

Applied Network Security Monitoring and Sécurité et espionnage informatique both cover Detection, Defensive, so reading them in sequence reinforces the same material from different angles.

Keep reading

Applied Network Security Monitoring

Alternatives to Applied Network Security MonitoringWhat to read after Applied Network Security Monitoring

Sécurité et espionnage informatique

Alternatives to Sécurité et espionnage informatiqueWhat to read after Sécurité et espionnage informatique

Related topics

DetectionDefensive