Welcome to our Cyber Security News Aggregator. Cyber Tzar provide a cyber security risk management platform, including automated penetration tests and risk assessments culminating in a "cyber risk score" out of 1,000, just like a credit score.

My First Book Is 20 Years Old Today

published on 2024-07-15 13:00:00 UTC by Richard Bejtlich
Content:

On this day in 2004, Addison-Wesley/Pearson published my first book, The Tao of Network Security Monitoring: Beyond Intrusion Detection.

This post from 2017 explains the differences between my first four books and why I wrote Tao.

Today, I'm always thrilled when I hear that someone found my books useful. 

I am done writing books on security, but I believe the core tactics and strategies in all my books are still relevant. I'm not sure that's a good thing, though. I would have liked to not need the tactics and strategies in my book anymore. "The Cloud," along with so many other developments and approaches, was supposed to have saved us by now.

Consider this statement from a report describing CISA’s red team against a fed agency: 

“[A]ttempts to capture forensic data via packet captures occurred directly on the compromised Solaris and Windows hosts, where the red team observed the data being collected and therefore had the opportunity to disrupt collection, tamper with evidence files, and better adapt and evade their defenses.”

This is why you should not rely on EDR, either, for your only understanding of adversary activity. The adversary can shut down or alter your endpoint security tooling. For network security monitoring, you also shouldn’t collect on endpoints. Collect using network taps, or in a pinch, span ports.

There is nothing in this intrusion that would have been a surprise in 2004.

Here is the post I published in 2004 when the first copy showed up on my doorstep.

 


There's nothing like getting a real copy in your hands, and I cherish that experience!

I will probably revisit this event in 5 years. See you then!


https://taosecurity.blogspot.com/2024/07/my-first-book-is-20-years-old-today.html   
Published: 2024 07 15 13:00:00
Received: 2024 10 11 17:59:03
Feed: TaoSecurity
Source: TaoSecurity
Category: Cyber Security
Topic: Cyber Security
