Books

In this section I am posting all the books I have read or am currently reading and consider relevant to the content of this blog.

/*2016*/

Incident Response & Computer Forensics 3rd edition

Security Intelligence: A practitioner’s guide to solving enterprise security challenges

Malware forensics field guide for Windows systems

Learn about firewall design, Juniper Networks by Judy Thompson-Melanson

/*2015*/

Information Security Analytics: finding security insights, patterns and anomalies in big data 

Ten strategies of a World-Class Cybersecurity Operations Center by Carson Zimmerman


Python for Informatics: Exploring Information by Dr. Charles R. Severance

This is a very easy-to-read and understandable Python book for beginners. After some time looking at resources to get my old programming skills up to date in Python, I decided this would be a good start. I have a strong background in programming; however, I never enjoyed programming. Comparing this book with my studies at university, I must say that this book will save you much of the pain I had to go through to understand programming. Python is a very powerful and much simpler language than my old friends such as Ada 95, C and C++. This book provides you a good foundation in Python to move up and start programming. It is worth mentioning that this book is also in use in some of the courses offered on Coursera by the University of Michigan.

http://www.amazon.com/Python-Informatics-Dr-Charles-Severance/dp/1492339245

Android Malware and Analysis by Ken Dunham.

How to define and build an effective Cyber Threat Intelligence Capability by Henry Dalziel and Eric Olson.

Have you heard all the buzz around threat intelligence? This book explains CTI in plain English. It is a very simple book to read, and I believe it is useful not only for technical people but also for managers and sales. Whether you need to implement a threat intelligence program or sell your organization’s solution, this book will clarify the current state of the technology and the market.

http://www.amazon.co.uk/Define-Effective-Threat-Intelligence-Capability/dp/0128027304/ref=sr_1_1?s=books&ie=UTF8&qid=1437158168&sr=1-1&keywords=threat+intelligence

Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems by Chris Sanders.

I chose this book to refresh some practical concepts about traffic analysis. It is a tedious book to read if you are not a novice in the subject. I found chapters 4 and 5 particularly useful, covering the capabilities of Wireshark and how to use some of its features to manage and analyze pcap files.

http://www.amazon.co.uk/Practical-Packet-Analysis-Wireshark-Real-World/dp/1593272669

Network Forensics: Tracking Hackers Through Cyberspace by Sherri Davidoff and Jonathan Ham.

This book is a must if you are interested in or currently doing network forensics and traffic analysis. It is a very technical book and requires a deep understanding of network communications to follow it through. It covers everything from the basics to more practical issues such as traffic analysis and carving within pcap files. I liked the approach followed, especially for traffic analysis, where they show all the possible strategies for conducting a network investigation as well as the manual and automated tools to do so. Highly recommended for professionals involved in forensics.

http://www.amazon.co.uk/Network-Forensics-Tracking-Hackers-Cyberspace/dp/0132564718

The Practice of Network Security Monitoring by Richard Bejtlich

There is some overlap between this book and the previous one; however, I found it particularly useful for deploying and configuring the Security Onion Linux distribution. There are other chapters in the book which take you through some of the tools and tactics to analyze traffic; these chapters are a very good complement to the material explained in the previous book. The final chapters are dedicated to NSM operations, where the subject is discussed and new approaches such as the kill chain are introduced.

http://www.amazon.co.uk/Practice-Network-Security-Monitoring-Understanding/dp/1593275099

Applied Network Security Monitoring: Collection, Detection and Analysis by Chris Sanders and Jason Smith

This is the last book on network security I read; it is another must-read book together with the other three above. The most important chapters, which are not presented in the other books, are related to collecting IOCs, the analysis process and Incident Morbidity and Mortality. This last technique is especially important for SOC staff and management to establish a learning culture within the security environment.

http://www.amazon.co.uk/Applied-Network-Security-Monitoring-Collection/dp/0124172083
