View in Browser
O'Reilly | No Starch PressFor Immediate Release
CONTACT:   KC Crowell
[email protected]
The Practice of Network Security Monitoring—New from No Starch Press
The Definitive Guide to Understanding Incident Detection and Response
The Practice of Network Security Monitoring
Request Review copy

San Francisco, CA, July 23, 2013—In a world of ubiquitous connectivity, everyone's information is at risk. State-sponsored digital spies, organized crime syndicates, and hacktivists seek to steal, profit from, and disrupt that information. Security technologies to stop intruders have largely failed. Can anything be done?

Richard Bejtlich's answer to this question is yes. Since 1998, Bejtlich has defended networks from digital intruders. He's seen attacks against the United States military, government agencies, Internet service providers, telecommunications carriers, universities, manufacturers, and more. To combat these intrusions, Bejtlich developed a methodology called network security monitoring (NSM). Bejtlich based NSM on his experience as an intelligence officer and computer network defender in the United States Air Force, and proved its worth in the years following his military service.

NSM is a powerful way to detect, respond to, and control intrusions on networks large and small, using open source software and industry-leading practices. In his new book, The Practice of Network Security Monitoring, (No Starch Press, July 2013, 376 pp., $49.95, ISBN 9781593275099), Bejtlich explains how to prevail against intruders: Catch them before they cause damage, using an assortment of network-centric tools and techniques. Kevin Mandia, CEO of Mandiant, calls the book "a critical resource for those tasked with safeguarding corporate secrets from unlawful, unauthorized, or unacceptable activities."

Readers of The Practice of Network Security Monitoring will learn how to:

  • Determine where to deploy NSM platforms, and size them for the monitored networks
  • Deploy stand-alone or distributed NSM installations
  • Use command line and graphical packet analysis tools and NSM consoles
  • Collect, analyze, and escalate indications and warnings when running a Computer Incident Response Team
  • Interpret network evidence from server-side and client-side intrusions
  • Extend NSM software to integrate threat intelligence to identify sophisticated threats

There's no foolproof way to keep attackers out of networks; determined attackers will get in eventually. NSM is designed to manage the inevitable, and The Practice of Network Security Monitoring will show readers how to build a security net to catch attackers before they inflict serious damage.

For more information or to request a review copy of The Practice of Network Security Monitoring, contact KC Crowell at No Starch Press ([email protected], +1.415.863.9900 or visit

About the Author

Richard Bejtlich is Chief Security Officer at Mandiant and was previously Director of Incident Response for General Electric, where he built and led the GE Computer Incident Response Team. He is a graduate of Harvard University and the United States Air Force Academy. Bejtlich’s previous works include The Tao of Network Security Monitoring, Extrusion Detection, and Real Digital Forensics (all from Addison-Wesley). He writes on his blog ( and on Twitter as @taosecurity.

Additional Resources
Preface (PDF)
Table of Contents
Detailed Table of Contents (PDF)
Chapter 1: Network Security Monitoring Rationale (PDF)
No Starch Press Catalog Page

The Practice of Network Security Monitoring The Practice of Network Security Monitoring
Publisher: No Starch Press
By Richard Bejtlich
ISBN: 9781593275099, $49.95  
July 2013, 376 pp.
[email protected]

Request Review copy

You Might Also Be Interested In:

Practical Malware Analysis
Practical Malware Analyis
The Hands-On Guide to Dissecting Malicious Software
by Michael Sikorski and Andrew Honig
Request Review copy
The IDA Pro Book, 2nd Edition /></a><br />
<a href=
The IDA Pro Book, 2nd Edition

The Unofficial Guide to the World's Most Popular Disassembler
by Chris Eagle
Request Review copy
The Penetration Tester's Guide
by David Kennedy, Jim O'Gorman, Devon Kearns, and Mati Aharoni
Request Review copy

Available in fine bookstores everywhere, from or directly from No Starch Press (, [email protected], 1-800-420-7240).

About No Starch Press
Founded in 1994, No Starch Press publishes the finest in geek entertainment—unique books on technology, with a focus on open source, security, hacking, programming, alternative operating systems, LEGO, science, and math. Our titles have personality, our authors are passionate, and our books tackle topics that people care about. No Starch Press titles have been included in the prestigious Communication Arts Design Annual and STEP Inside 100 competition, and have won the Independent Publisher Book Award (the "IPPY") from Independent Publisher magazine. Visit for a complete catalog.

About O'Reilly
O'Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O'Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying "faint signals" from the alpha geeks who are creating the future. An active participant in the technology community, the company has a long history of advocacy, meme-making, and evangelism.

# # #

O'Reilly is a registered trademark of O'Reilly Media, Inc. All other trademarks are the property of their respective owners.

Spreading the knowledge of innovators

You are receiving this email because you are a public relations contact with O'Reilly Media.

If you would like to stop receiving any and all press releases from O'Reilly, please email [email protected].

O'Reilly Media is a Distributor for No Starch Press

O'Reilly Media, Inc. 1005 Gravenstein Highway North, Sebastopol, CA 95472 (707) 827-7000
{\if {\opt_out_link} {}}