Friday, April 04, 2008

Review of Visible Ops Security Posted

Amazon.com just posted my four star review of Visible Ops Security by Gene Kim, Paul Love, and George Spafford. From the review:

I reviewed Visible Ops (VO) in August 2005, and I provided commentary on a draft of Visible Ops Security (VOS) to co-author Gene Kim. I liked VO, with a few caveats that apply to both VO and VOS. I have mixed feelings on VOS because the book seems more about preparations and less about operations. Security operations (SO) obviously include integration with developers and IT staff, but SO also requires action in the face of attack. If VOS is supposed to be about SO, it should address trying to prevent compromise *and* what to do when prevention fails.

2 comments:

Anonymous said...

Can you suggest another book on setting up an effective SOC?

Anonymous said...

or any other resources on setting up a SOC and staffing it would be great.