A01=James Bonifield
Ansible
Author_James Bonifield
blood
business
Category=JKVF1
Category=UM
Category=UNC
Category=UNF
Category=UR
Category=UTN
Category=UY
cloud computing
computer
computer books
computer networking
computer networks
computer science
computer security
computers
cyber security
cyber security books
cybersecurity
data engineering
data transfer
database
databases
elastic
Elastic Search
ELK Stack
eq_bestseller
eq_computing
eq_isMigrated=1
eq_isMigrated=2
eq_nobargain
eq_non-fiction
eq_society-politics
Git
guide
hackers
hacking
hacking books
information security
log
logging
logs
Logstash
network
network security
networking
penetration test
penetration testing
practical cybersecurity architecture
practical linux forensics
privacy
problem solving
radiation
Redis
security
security engineering
Splunk
SSH
Syslog
tech
technology
TLS
Product details
- ISBN 9781718504028
- Weight: 369g
- Dimensions: 177 x 234mm
- Publication Date: 26 Aug 2025
- Publisher: No Starch Press,US
- Publication City/Country: US
- Product Form: Paperback
Secure
checkout
Fast Shipping
Easy returns
When a cyber security incident occurs, how does anyone know? Data must leave workstations and servers, bounce across the network, and land in a central database before analysts can use it. This project-based book covers that complex space between an organization's computers and the security analyst tasked with protecting them. The guidance is straightforward, and the focus is on streamlining the process of gathering, transforming, and storing cybersecurity data using free and open-source tools. The author elaborates on core but often overlooked logging strategies, while also emphasizing the importance of standardizing data, using encryption to protect transmitted data, and creating 'data pipelines' that support cybersecurity, data analytics, and automation needs alike. You'll how to: Implement core logging strategies using free tools such as Elastic stack; Transform data to fit your needs, and configure your tools to send it back and forth; Secure your logging infrastructure by encrypting connections using TLS and SSH; Handle version control and backups with Git, and improve your efficiency with caching. By the end, you'll know how to enrich your security data, protect it from unauthorized parties, and automate your workflow in the process - leaving more room for creative thinking.
James Bonifield has over a decade of experience analyzing malicious activity, implementing data pipelines, and training others in the security industry. He has built enterprise-scale log solutions, automated detection workflows, and led analyst teams investigating major cyber threat actors. Bonifield holds numerous certifications and enjoys spending time with his family, traveling, and tinkering with all things security and Python related.
