Cyber Shelf

// Prerequisites

What to read before The Practice of Network Security Monitoring

If The Practice of Network Security Monitoring feels too steep at intermediate level, here is what to read first. Lighter books in the same topics that build the prerequisites this one assumes.

DefensiveDetectionNetworking

  1. 01 · 2017

    Network Security Through Data Analysis

    Michael Collins on building situational awareness from network telemetry: collection architecture, statistical baseline-setting, and the analytic patterns that turn raw flows into detection.

    Intermediate
    4/5Michael Collins

  2. 02 · 2017

    Practical Packet Analysis

    Chris Sanders' working manual for Wireshark, geared at troubleshooting and incident response rather than abstract protocol theory. Updated for Wireshark 2.x.

    Beginner
    4/5Chris Sanders

  3. 03 · 2019

    Foundations of Information Security

    Jason Andress' compact tour of the field: confidentiality / integrity / availability, identification and authentication, network and OS controls, written for newcomers and adjacent disciplines.

    Beginner
    4/5Jason Andress

  4. 04 · 2021

    How Cybersecurity Really Works

    Sam Grubb's gentle, exercise-driven introduction for non-specialists who need a working mental model of attacker behaviour and basic defence.

    Beginner
    4/5Sam Grubb

  5. 05 · 2007

    Linux Firewalls

    Michael Rash, author of psad and fwsnort, on building and operating Linux-native packet filtering and intrusion-response tooling. Pre-nftables in detail but conceptually durable.

    Intermediate
    4/5Michael Rash

  6. 06 · 2017

    Zero Trust Networks

    Evan Gilman and Doug Barth's pre-marketing-bubble treatment of zero-trust architecture — what it is when you actually implement it (trust evaluation, device identity, dynamic policy) versus what the vendor pitch turned it into.

    Intermediate
    4/5Evan Gilman, Doug Barth

  7. 07 · 2020

    Web Security for Developers

    Malcolm McDonald's developer-side primer on the OWASP-class issues, framed around real attacks and defended with code patterns rather than vendor products.

    Beginner
    4/5Malcolm McDonald

  8. 08 · 2021

    Cyberjutsu

    Ben McCarty maps declassified medieval ninja scrolls onto modern adversary tradecraft. More analogy-driven than technical, useful for security-program framing.

    Beginner
    3/5Ben McCarty
Back to The Practice of Network Security MonitoringWhat to read after The Practice of Network Security Monitoring