Showing posts from April, 2013

Practice of Network Security Monitoring Table of Contents

Since many of you have asked, I wanted to provide an updated Table of Contents for my upcoming book, The Practice of Network Security Monitoring . The TOC has only solidified in the last day or so. I delayed responding until I completed all of the text, which I did this weekend. You can preorder the book through No Starch . Please consider using the discount code NSM101 to save 30%. I'm still on track to publish by July 22, 2013, in time to teach two sessions of my new course, Network Security Monitoring 101 , in Las Vegas. I'll be using the new book's themes for inspiration but will likely have to rebuild all the labs. I expect the book to approach the 350 page mark, exceeding my initial estimates for 256 pages and 7 chapters. Here's the latest Table of Contents. Part I, “Getting Started,” introduces NSM and how to think about sensor placement. Chapter 1, “NSM Rationale,” explains why NSM matters, to help you gain the support needed to deploy NSM in your envi

Bejtlich Teaching New Class at Black Hat in July

I'm pleased to announce I will teach two sessions of a brand-new two day class at Black Hat USA 2013 this summer. The new class is Network Security Monitoring 101 . From the overview: Is your network safe from intruders? Do you know how to find out? Do you know what to do when you learn the truth? If you are a beginner, and need answers to these questions, Network Security Monitoring 101 (NSM101) is the newest Black Hat course for you. This vendor-neutral, open source software-friendly, reality-driven two-day event will teach students the investigative mindset not found in classes that focus solely on tools. NSM101 is hands-on, lab-centric, and grounded in the latest strategies and tactics that work against adversaries like organized criminals, opportunistic intruders, and advanced persistent threats. Best of all, this class is designed *for beginners*: all you need is a desire to learn and a laptop ready to run a few virtual machines. Instructor Richard Bejtlich has taug