Cyber Shelf

// What to read next

What to read after Practical Packet Analysis

Where to go after Practical Packet Analysis, picked from our catalog. The next step up from beginner level, weighted toward the topics this book covers.

NetworkingProtocol AnalysisDefensive

  1. 01 · 2013

    The Practice of Network Security Monitoring

    Richard Bejtlich's NSM playbook: how to deploy collection sensors, validate that you actually see what you think you see, and build detection workflows around open-source tools.

    Intermediate
    5/5Richard Bejtlich

  2. 02 · 2013

    Applied Network Security Monitoring

    A practitioner's walkthrough of building an NSM capability end to end, from deciding what to collect through detection and the analysis workflow that ties it together. The tooling is dated, but the way it teaches you to think about monitoring is not.

    Intermediate
    4/5Chris Sanders, Jason Smith

  3. 03 · 2007

    Linux Firewalls

    Michael Rash, author of psad and fwsnort, on building and operating Linux-native packet filtering and intrusion-response tooling. Pre-nftables in detail but conceptually durable.

    Intermediate
    4/5Michael Rash

  4. 04 · 2017

    Network Security Through Data Analysis

    Michael Collins on building situational awareness from network telemetry: collection architecture, statistical baseline-setting, and the analytic patterns that turn raw flows into detection.

    Intermediate
    4/5Michael Collins

  5. 05 · 2017

    Zero Trust Networks

    Evan Gilman and Doug Barth's pre-marketing-bubble treatment of zero-trust architecture — what it is when you actually implement it (trust evaluation, device identity, dynamic policy) versus what the vendor pitch turned it into.

    Intermediate
    4/5Evan Gilman, Doug Barth

  6. 06 · 2017

    Attacking Network Protocols

    James Forshaw, Project Zero veteran, on how to capture, parse, and break protocols from the wire up to the application layer, with a strong focus on building reusable analysis tooling.

    Advanced
    5/5James Forshaw

  7. 07 · 2010

    Tableaux de bord de la sécurité réseau

    A practitioner's manual for measuring and steering network security — metrics, dashboards, monitoring and risk indicators — for the people who run security operations.

    Advanced
    3/5Cédric Llorens, Laurent Levier, Denis Valois

  8. 08 · 2021

    Designing Secure Software

    Loren Kohnfelder, the original PKI author, on how to weave security thinking through requirements, design, implementation and operations rather than bolt it on at the end.

    Intermediate
    5/5Loren Kohnfelder
Back to Practical Packet AnalysisAlternatives to Practical Packet Analysis