Synopsis
How well does your enterprise stand up against today's sophisticated security threats? In this book, security experts from Cisco Systems demonstrate how to detect damaging security incidents on your global network--first by teaching you which assets you need to monitor closely, and then by helping you develop targeted strategies and pragmatic techniques to protect them.
Security Monitoring is based on the authors' years of experience conducting incident response to keep Cisco's global network secure. It offers six steps to improve network monitoring. These steps will help you:
- Develop Policies: define rules, regulations, and monitoring criteria
- Know Your Network: build knowledge of your infrastructure with network telemetry
- Select Your Targets: define the subset of infrastructure to be monitored
- Choose Event Sources: identify event types needed to discover policy violations
- Feed and Tune: collect data, generate alerts, and tune systems using contextual information
- Maintain Dependable Event Sources: prevent critical gaps in collecting and monitoring events
Security Monitoring illustrates these steps with detailed examples that will help you learn to select and deploy the best techniques for monitoring your own enterprise network.
"synopsis" may belong to another edition of this title.
About the Authors
Chris Fry has been a member of the Computer Security Incident Response Team (CSIRT) at Cisco Systems, Inc for 5 years, focusing on deployment of intrusion detection, network monitoring tools, and incident investigation. He began his career at Cisco in 1997 as an IT analyst, supporting Cisco's production services. His four years as a Network Engineer in Cisco IT's internal network support organization give him valuable knowledge about and unique insight into monitoring production enterprise networks. Chris holds a BA in Corporate Financial Analysis and an MS in Information and Communication Sciences from Ball State University.
Martin Nystrom is an InfoSec Investigations Manager for the Computer Security Incident Response Team (CSIRT) at Cisco Systems. He leads the global security monitoring team and provides guidance for incident response and security initiatives. Prior to joining Cisco's CSIRT, he was responsible for designing and consulting on secure architectures for IT projects. Martin worked as an IT architect and a Java programmer for 12 years prior, where he built his experience in the pharmaceutical and computer industries. He received a bachelor's degree from Iowa State University in 1990, a master's degree from NC State University in 2003, and his CISSP certification in 2004.
"About this title" may belong to another edition of this title.
Search results for Security Monitoring: Proven Methods for Incident Detection...
Stock Image
Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks
Seller: World of Books (was SecondSale), Montgomery, IL, U.S.A.
Seller rating 5 out of 5 stars
Condition: Good. Item in very good condition! Textbooks may not include supplemental items i.e. CDs, access codes etc. Seller Inventory # 00072720651
Stock Image
Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks
Seller: Once Upon A Time Books, Siloam Springs, AR, U.S.A.
Seller rating 4 out of 5 stars
paperback. Condition: Good. This is a used book in good condition and may show some signs of use or wear . This is a used book in good condition and may show some signs of use or wear . Seller Inventory # mon0000816494
Stock Image
Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks
Seller: ThriftBooks-Dallas, Dallas, TX, U.S.A.
Seller rating 5 out of 5 stars
Paperback. Condition: Good. No Jacket. Pages can have notes/highlighting. Spine may show signs of wear. ~ ThriftBooks: Read More, Spend Less. Seller Inventory # G0596518161I3N00
Stock Image
Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks
Seller: Toscana Books, AUSTIN, TX, U.S.A.
Seller rating 5 out of 5 stars
Paperback. Condition: new. Excellent Condition.Excels in customer satisfaction, prompt replies, and quality checks. Seller Inventory # Scanned0596518161
Seller Image
Security Monitoring
Seller: GreatBookPrices, Columbia, MD, U.S.A.
Seller rating 5 out of 5 stars
Condition: New. Seller Inventory # 5719568-n
Seller Image
Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks (Paperback or Softback)
Published by
O'Reilly Media 2/1/2009, 2009
ISBN 10: 0596518161
ISBN 13: 9780596518165
New
Paperback or Softback
Seller: BargainBookStores, Grand Rapids, MI, U.S.A.
Seller rating 5 out of 5 stars
Paperback or Softback. Condition: New. Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks. Book. Seller Inventory # BBS-9780596518165
Stock Image
Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks
Seller: Lucky's Textbooks, Dallas, TX, U.S.A.
Seller rating 5 out of 5 stars
Condition: New. Seller Inventory # ABLIING23Feb2416190071012
Seller Image
Security Monitoring
Published by
O'Reilly Media, US, 2009
ISBN 10: 0596518161
ISBN 13: 9780596518165
New
Paperback
First Edition
Seller: Rarewaves USA, OSWEGO, IL, U.S.A.
Seller rating 5 out of 5 stars
Paperback. Condition: New. 1st. How well does your enterprise stand up against today's sophisticated security threats? With this book, security experts from Cisco Systems demonstrate how you can detect damaging security incidents on your global network - first by discovering which assets you need to monitor closely, then by helping you develop targeted strategies and pragmatic techniques to identify security incidents. "Security Monitoring" offers six steps to improve network monitoring, based on the authors' years of experience conducting incident response to keep Cisco's global network secure. These steps will guide you through the following: Develop Policies: define the rules, regulations, and criteria against which to monitor; Know Your Network: build knowledge of your infrastructure with network telemetry; Select Your Targets: define the subset of infrastructure where you'll focus monitoring; Choose Event Sources: identify the event types needed to discover policy violations; Feed and Tune: collect data and generate alerts, tuning systems using context; and, Maintain Dependable Event Sources: prevent critical gaps in your event collection and monitoring.To help you understand this framework, "Security Monitoring" illustrates its recommendations using a fictional mobile telephony provider. Each chapter's approach and techniques are overlaid against this fictional example with diagrams and detailed examples. These recommendations will help you select and deploy the best techniques for monitoring your own enterprise network. Seller Inventory # LU-9780596518165
Seller Image
Security Monitoring
Seller: GreatBookPrices, Columbia, MD, U.S.A.
Seller rating 5 out of 5 stars
Condition: As New. Unread book in perfect condition. Seller Inventory # 5719568
Stock Image
Security Monitoring
Published by
Oreilly & Associates Inc, 2009
ISBN 10: 0596518161
ISBN 13: 9780596518165
New
Paperback
Seller: Revaluation Books, Exeter, United Kingdom
Seller rating 5 out of 5 stars
Paperback. Condition: Brand New. 1st edition. 227 pages. 9.10x7.00x0.70 inches. In Stock. This item is printed on demand. Seller Inventory # __0596518161
Buy New
US$ 52.65
US$ 13.50 shipping
Ships from United Kingdom to U.S.A.
Ships from United Kingdom to U.S.A.
Quantity: 1 available