SecurityCertified

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Sunday, July 12, 2009

Review of Practical Intrusion Analysis Posted

Posted on 5:16 AM by Unknown
Amazon.com just published my three star review of Practical Intrusion Analysis by Ryan Trost. From the review:

I must start this review by stating the lead author lists me in the Acknowledgments and elsewhere in the book, which I appreciate. I also did consulting work years ago for the lead author's company, and I know the lead author to be a good guy with a unique eye for applying geography to network security data. Addison-Wesley provided me a review copy.

I did not participate in the writing process for Practical Intrusion Analysis (PIA), but after reading it I think I know how it unfolded. The lead author had enough material to write his two main sections: ch 10, Geospatial Intrusion Detection, and ch 11, Visual Data Communications. He realized he couldn't publish a 115-page book, so he enlisted five contributing authors who wrote chapters on loosely related security topics. Finally the lead author wrote two introductory sections: ch 1, Network Overview, and ch 2, Infrastructure Monitoring. This publication-by-amalgamation method seldom yields coherent or helpful material, despite the superior production efforts of a company like Addison-Wesley. To put a point on PIA's trouble, there's only a single intrusion analyzed in the book, and it's in the lead author's core section. The end result is a book you can skip, although it would be good for chapters 4 and 10 to be published separately as digital "Short Cuts" on InformIT.



Richard Bejtlich is teaching new classes in Las Vegas in 2009. Late Las Vegas registration ends 22 July.
Email ThisBlogThis!Share to XShare to Facebook
Posted in reviews | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Practice of Network Security Monitoring Table of Contents
    Since many of you have asked, I wanted to provide an updated Table of Contents for my upcoming book, The Practice of Network Security Monito...
  • Review of Intelligence, 4th Ed Posted
    Amazon.com just posted my five star review of Intelligence: From Secrets to Policy, 4th Ed by Mark Lowenthall . From the review : I was a...
  • Bejtlich's Thoughts on "Why Our Best Officers Are Leaving"
    Twenty-two years ago today I flew to Colorado Springs, CO and reported for Basic Cadet Training with the class of 1994 at the United States ...
  • Review of Robust Control System Networks Posted
    Amazon.com just posted my five star review of Robust Control System Networks by Ralph Langner . From the review : I am not an industrial ...
  • Mandiant APT1 Report: 25 Best Commentaries of the Last 12 Days
    Two weeks ago today our team at Mandiant was feverishly preparing the release of our APT1 report . In the twelve days that followed public...
  • Happy 7th Birthday TaoSecurity Blog
    Today, 8 January 2010, is the 7th birthday of TaoSecurity Blog . I wrote my first post on 8 January 2003 while working as an incident resp...
  • Tort Law on Negligence
    If any lawyers want to contribute to this, please do. In my post Shodan: Another Step Towards Intrusion as a Service , some comments claim ...
  • Bejtlich Teaching at Black Hat West Coast Trainings
    I'm pleased to announce that I will be teaching at  Black Hat West Coast Trainings  9-10 December 2013 in Seattle, Washington. This is a...
  • Bejtlich to Speak at SANS Forensics and Incident Response 2010
    I am pleased to announce that I will return for the third SANS WhatWorks Summit in Forensics and Incident Response in DC, 8-9 July 2010. R...
  • Bejtlich Teaching at Black Hat DC 2011
    Over the holiday break I've been putting the finishing touches on TCP/IP Weapons School 3.0 , to be presented first at Black Hat DC 2011...

Categories

  • afcert
  • Air Force
  • analysis
  • announcement
  • apt
  • attribution
  • bestbook
  • blackhat
  • books
  • breakers
  • bro
  • bruins
  • certification
  • china
  • cisco
  • cissp
  • cloud
  • clowns
  • commodore
  • conferences
  • controls
  • correlation
  • counterintelligence
  • cybercommand
  • cyberwar
  • dfm
  • education
  • engineering
  • feds
  • fisma
  • freebsd
  • GE
  • ge-cirt
  • hakin9
  • history
  • impressions
  • information warfare
  • ipv6
  • law
  • leadership
  • malware
  • mandiant
  • microsoft
  • mssp
  • nsm
  • offense
  • oisf
  • packetstash
  • philosophy
  • pirates
  • powerpoint
  • press
  • psirt
  • reading
  • redteam
  • reviews
  • russia
  • sans
  • sec
  • sguil
  • snorby
  • spying
  • threat model
  • threats
  • Traffic Talk
  • training
  • tufte
  • tv
  • ubuntu
  • usenix
  • verizon
  • vulnerabilities
  • wisdom
  • writing

Blog Archive

  • ►  2013 (16)
    • ►  September (1)
    • ►  August (1)
    • ►  June (2)
    • ►  April (2)
    • ►  March (1)
    • ►  February (3)
    • ►  January (6)
  • ►  2012 (60)
    • ►  December (4)
    • ►  November (5)
    • ►  October (3)
    • ►  September (10)
    • ►  August (2)
    • ►  July (6)
    • ►  June (6)
    • ►  May (4)
    • ►  April (2)
    • ►  March (9)
    • ►  February (6)
    • ►  January (3)
  • ►  2011 (108)
    • ►  December (3)
    • ►  November (7)
    • ►  October (11)
    • ►  September (9)
    • ►  August (18)
    • ►  July (10)
    • ►  June (5)
    • ►  May (4)
    • ►  April (13)
    • ►  March (17)
    • ►  February (2)
    • ►  January (9)
  • ►  2010 (193)
    • ►  December (14)
    • ►  November (11)
    • ►  October (6)
    • ►  September (16)
    • ►  August (15)
    • ►  July (26)
    • ►  June (15)
    • ►  May (15)
    • ►  April (15)
    • ►  March (16)
    • ►  February (19)
    • ►  January (25)
  • ▼  2009 (123)
    • ►  December (10)
    • ►  November (17)
    • ►  October (21)
    • ►  September (13)
    • ►  August (20)
    • ▼  July (21)
      • Thoughts from Black Hat USA 2009
      • What is Cloud?
      • Notes from OISF Meeting in DC
      • Guest Post at Fudsec.com
      • Review of Voice over IP Security Posted
      • Direct Financial Cost of Intrusions
      • SANS Forensics and Incident Response 2009 Summit R...
      • Free Issue of Linux+ Magazine Posted
      • Review of vi(1) Tips Posted
      • Cisco Routers for the Desperate, 2nd Ed
      • White Hat Budgeting
      • FreeBSD Pf and Tftp-proxy
      • Review of Practical Intrusion Analysis Posted
      • Must-Read Verizon Post Demolishes More Myths
      • Review of Security Monitoring Posted
      • You Down with APT?
      • Traffic Talk 6 Posted
      • Still Blogging
      • Bejtlich on Black Hat Briefings Panel
      • Review of Hacking Exposed: Windows, 3rd Ed Posted
      • NSA to "Screen" .gov Now, I Predict .com Later
    • ►  June (21)
Powered by Blogger.

About Me

Unknown
View my complete profile