SecurityCertified

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Sunday, July 12, 2009

Review of Practical Intrusion Analysis Posted

Posted on 5:16 AM by Unknown
Amazon.com just published my three star review of Practical Intrusion Analysis by Ryan Trost. From the review:

I must start this review by stating the lead author lists me in the Acknowledgments and elsewhere in the book, which I appreciate. I also did consulting work years ago for the lead author's company, and I know the lead author to be a good guy with a unique eye for applying geography to network security data. Addison-Wesley provided me a review copy.

I did not participate in the writing process for Practical Intrusion Analysis (PIA), but after reading it I think I know how it unfolded. The lead author had enough material to write his two main sections: ch 10, Geospatial Intrusion Detection, and ch 11, Visual Data Communications. He realized he couldn't publish a 115-page book, so he enlisted five contributing authors who wrote chapters on loosely related security topics. Finally the lead author wrote two introductory sections: ch 1, Network Overview, and ch 2, Infrastructure Monitoring. This publication-by-amalgamation method seldom yields coherent or helpful material, despite the superior production efforts of a company like Addison-Wesley. To put a point on PIA's trouble, there's only a single intrusion analyzed in the book, and it's in the lead author's core section. The end result is a book you can skip, although it would be good for chapters 4 and 10 to be published separately as digital "Short Cuts" on InformIT.

Richard Bejtlich is teaching new classes in Las Vegas in 2009. Late Las Vegas registration ends 22 July.
Email ThisBlogThis!Share to XShare to Facebook
Posted in reviews | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • DojoCon Videos Online
    Props to Marcus Carey for live streaming talks from DojoCon . I appeared in my keynote , plus panels on incident response and cloud secur...
  • Mandiant Webinar Wednesday; Help Us Break a Record!
    I'm back for the last Mandiant Webinar of the year, titled State of the Hack: It's The End of The Year As We Know It - 2011 . And y...
  • Bejtlich Speaking at TechTarget Emerging Threats Events in Seattle and New York
    I will be speaking at two events organized by TechTarget , for whom I used to write my Snort Report and Traffic Talk articles. The one-da...
  • Hakin9 04/2009 Issue
    I just received a review copy of the 04/2009 Hakin9 magazine. I am most interested in reading part two of Tyler Hudak 's article on au...
  • Human Language as the New Programming Language
    If you've read the blog for a while you know I promote threat-centric security in addition to vulnerability-centric security. I think ...
  • Guest Post on SecureThinking about Cyber Shockwave
    BT asked me to write a guest post on their blog, so I provided a new Reaction to Cyber Shockwave . I hadn't really addressed one of the...
  • Review of Web Security Testing Cookbook Posted
    Amazon.com just posted my five star review of Web Security Testing Cookbook by Paco Hope and Ben Walther. From the review : I just wrote ...
  • Review of The Web Application Hacker's Handbook Posted
    Amazon.com just posted my five star review of The Web Application Hacker's Handbook by Dafydd Stuttard and Marcus Pinto. From the rev...
  • Bejtlich Returns to PaulDotCom Podcast
    The guys at PaulDotCom posted the podcast .mp3 (39 MB) they conducted last week . It was another debate between myself and Ron Gula. We ...
  • Bejtlich Teaching Special Session of TCP/IP Weapons School at GTEC DC
    Through a custom arrangement with Black Hat I am pleased to announce that I will teach a special session of TCP/IP Weapons School 3.0 at t...

Categories

  • afcert
  • Air Force
  • analysis
  • announcement
  • apt
  • attribution
  • bestbook
  • blackhat
  • books
  • breakers
  • bro
  • bruins
  • certification
  • china
  • cisco
  • cissp
  • cloud
  • clowns
  • commodore
  • conferences
  • controls
  • correlation
  • counterintelligence
  • cybercommand
  • cyberwar
  • dfm
  • education
  • engineering
  • feds
  • fisma
  • freebsd
  • GE
  • ge-cirt
  • hakin9
  • history
  • impressions
  • information warfare
  • ipv6
  • law
  • leadership
  • malware
  • mandiant
  • microsoft
  • mssp
  • nsm
  • offense
  • oisf
  • packetstash
  • philosophy
  • pirates
  • powerpoint
  • press
  • psirt
  • reading
  • redteam
  • reviews
  • russia
  • sans
  • sec
  • sguil
  • snorby
  • spying
  • threat model
  • threats
  • Traffic Talk
  • training
  • tufte
  • tv
  • ubuntu
  • usenix
  • verizon
  • vulnerabilities
  • wisdom
  • writing

Blog Archive

  • ►  2013 (16)
    • ►  September (1)
    • ►  August (1)
    • ►  June (2)
    • ►  April (2)
    • ►  March (1)
    • ►  February (3)
    • ►  January (6)
  • ►  2012 (60)
    • ►  December (4)
    • ►  November (5)
    • ►  October (3)
    • ►  September (10)
    • ►  August (2)
    • ►  July (6)
    • ►  June (6)
    • ►  May (4)
    • ►  April (2)
    • ►  March (9)
    • ►  February (6)
    • ►  January (3)
  • ►  2011 (108)
    • ►  December (3)
    • ►  November (7)
    • ►  October (11)
    • ►  September (9)
    • ►  August (18)
    • ►  July (10)
    • ►  June (5)
    • ►  May (4)
    • ►  April (13)
    • ►  March (17)
    • ►  February (2)
    • ►  January (9)
  • ►  2010 (193)
    • ►  December (14)
    • ►  November (11)
    • ►  October (6)
    • ►  September (16)
    • ►  August (15)
    • ►  July (26)
    • ►  June (15)
    • ►  May (15)
    • ►  April (15)
    • ►  March (16)
    • ►  February (19)
    • ►  January (25)
  • ▼  2009 (123)
    • ►  December (10)
    • ►  November (17)
    • ►  October (21)
    • ►  September (13)
    • ►  August (20)
    • ▼  July (21)
      • Thoughts from Black Hat USA 2009
      • What is Cloud?
      • Notes from OISF Meeting in DC
      • Guest Post at Fudsec.com
      • Review of Voice over IP Security Posted
      • Direct Financial Cost of Intrusions
      • SANS Forensics and Incident Response 2009 Summit R...
      • Free Issue of Linux+ Magazine Posted
      • Review of vi(1) Tips Posted
      • Cisco Routers for the Desperate, 2nd Ed
      • White Hat Budgeting
      • FreeBSD Pf and Tftp-proxy
      • Review of Practical Intrusion Analysis Posted
      • Must-Read Verizon Post Demolishes More Myths
      • Review of Security Monitoring Posted
      • You Down with APT?
      • Traffic Talk 6 Posted
      • Still Blogging
      • Bejtlich on Black Hat Briefings Panel
      • Review of Hacking Exposed: Windows, 3rd Ed Posted
      • NSA to "Screen" .gov Now, I Predict .com Later
    • ►  June (21)
Powered by Blogger.

About Me

Unknown
View my complete profile