Cyber Shelf

// What to read next

What to read after The Practice of Network Security Monitoring

Where to go after The Practice of Network Security Monitoring, picked from our catalog. The next step up from intermediate level, weighted toward the topics this book covers.

DefensiveDetectionNetworking

  1. 01 · 2010

    Tableaux de bord de la sécurité réseau

    A practitioner's manual for measuring and steering network security — metrics, dashboards, monitoring and risk indicators — for the people who run security operations.

    Advanced
    3/5Cédric Llorens, Laurent Levier, Denis Valois

  2. 02 · 2013

    Applied Network Security Monitoring

    A practitioner's walkthrough of building an NSM capability end to end, from deciding what to collect through detection and the analysis workflow that ties it together. The tooling is dated, but the way it teaches you to think about monitoring is not.

    Intermediate
    4/5Chris Sanders, Jason Smith

  3. 03 · 2017

    Network Security Through Data Analysis

    Michael Collins on building situational awareness from network telemetry: collection architecture, statistical baseline-setting, and the analytic patterns that turn raw flows into detection.

    Intermediate
    4/5Michael Collins

  4. 04 · 2015

    Sécurité et espionnage informatique

    A technical French guide to advanced persistent threats and cyber-espionage — how APT campaigns work, how to detect them, and how to defend — by one of France's APT specialists.

    Advanced
    4/5Cédric Pernet

  5. 05 · 2007

    Linux Firewalls

    Michael Rash, author of psad and fwsnort, on building and operating Linux-native packet filtering and intrusion-response tooling. Pre-nftables in detail but conceptually durable.

    Intermediate
    4/5Michael Rash

  6. 06 · 2017

    Zero Trust Networks

    Evan Gilman and Doug Barth's pre-marketing-bubble treatment of zero-trust architecture — what it is when you actually implement it (trust evaluation, device identity, dynamic policy) versus what the vendor pitch turned it into.

    Intermediate
    4/5Evan Gilman, Doug Barth

  7. 07 · 2017

    Attacking Network Protocols

    James Forshaw, Project Zero veteran, on how to capture, parse, and break protocols from the wire up to the application layer, with a strong focus on building reusable analysis tooling.

    Advanced
    5/5James Forshaw

  8. 08 · 2020

    Building Secure and Reliable Systems

    Google's site-reliability and security teams jointly write down what it actually takes to build systems that are both safe and dependable, from threat models and design reviews to rollback culture and crisis response.

    Advanced
    5/5Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, Adam Stubblefield
Back to The Practice of Network Security MonitoringAlternatives to The Practice of Network Security Monitoring