// Alternatives
Alternatives to The Practice of Network Security Monitoring
Books in our catalog with overlapping topics and a similar reading level to The Practice of Network Security Monitoring. If The Practice of Network Security Monitoring is the wrong fit at intermediate level, start here.
01 · 2017
Network Security Through Data Analysis
Michael Collins on building situational awareness from network telemetry: collection architecture, statistical baseline-setting, and the analytic patterns that turn raw flows into detection.
Intermediate · 4/5 · Michael Collins
02 · 2013
Applied Network Security Monitoring
A practitioner's walkthrough of building an NSM capability end to end, from deciding what to collect through detection and the analysis workflow that ties it together. The tooling is dated, but the way it teaches you to think about monitoring is not.
Intermediate · 4/5 · Chris Sanders, Jason Smith
03 · 2010
Tableaux de bord de la sécurité réseau
A practitioner's manual for measuring and steering network security — metrics, dashboards, monitoring and risk indicators — for the people who run security operations.
Advanced · 3/5 · Cédric Llorens, Laurent Levier, Denis Valois
04 · 2017
Zero Trust Networks
Evan Gilman and Doug Barth's pre-marketing-bubble treatment of zero-trust architecture — what it is when you actually implement it (trust evaluation, device identity, dynamic policy) versus what the vendor pitch turned it into.
Intermediate · 4/5 · Evan Gilman, Doug Barth
05 · 2007
Linux Firewalls
Michael Rash, author of psad and fwsnort, on building and operating Linux-native packet filtering and intrusion-response tooling. Pre-nftables in detail but conceptually durable.
Intermediate · 4/5 · Michael Rash
06 · 2017
Practical Packet Analysis
Chris Sanders' working manual for Wireshark, geared at troubleshooting and incident response rather than abstract protocol theory. Updated for Wireshark 2.x.
Beginner · 4/5 · Chris Sanders
07 · 2015
Sécurité et espionnage informatique
A technical French guide to advanced persistent threats and cyber-espionage — how APT campaigns work, how to detect them, and how to defend — by one of France's APT specialists.
Advanced · 4/5 · Cédric Pernet
08 · 2021
Designing Secure Software
Loren Kohnfelder, the original PKI author, on how to weave security thinking through requirements, design, implementation and operations rather than bolt it on at the end.
Intermediate · 5/5 · Loren Kohnfelder
09 · 2014
Threat Modeling
Adam Shostack's practitioner-oriented introduction to threat modeling: STRIDE, attack trees, and how to fit the practice into a real software-development lifecycle.
Intermediate · 5/5 · Adam Shostack
10 · 2012
Practical Malware Analysis
Still the gold standard textbook for static and dynamic malware analysis on Windows.
Intermediate · 5/5 · Michael Sikorski, Andrew Honig