Security books, quite frankly, are pretty much a dime a dozen, most of which are written by people in IT field security. What immediately separates this book from the rest is the background of the author. Ms. Bace is an ex-government employee, spending 12 years in everyone's favorite spook organization, the National Security Agency. ...For those with functioning brains who have vested interests in InfoSec and protecting their organization from people who wish to do harm, and getting real security info ...then pick this book up. -- Slashdot.org, 1/27/2000
What differentiates Bace as an author is her purist's passion for intellectual honesty and generosity. She pays homage to the many computer security folks who preceded her, who do important, innovative work in this area, but seldom get singled out. Reading Bace's opening chapter on the history of intrusion detection is a pleasure...(Throughout the book) the technical-theoretical is balanced by real examples and real-world challenges. Her chapter dealing with legal issues should be read by every in-house attorney whose companies have hard/software components. Outside computer security firms hoping for "consulting" fees will probably memorize large chunks from the book in order to appear knowledgeable. -- CyberWire Dispatch, 1/4/2000
From the Inside Flap
What we're hearing from reviewers about Intrusion Detection... "People have been working on computer intrusion detection systems for nearly 20 years. As a researcher, I am bothered that other scientists aren't familiar with the good work that has already been done, and as a consumer, I am disconcerted that I don't have better commercial products to defend my systems. Becky Bace has been there, done that, read about it, thought about it a lot, and now written it all down. Everyone who works in intrusion detection can gain something by reading this book. You can, too." -- Eugene H. Spafford, Professor and Director of the Purdue University Center for Education and Research in Information and Security (CERIAS)
"This book serves as a fantastic reference for the history of commercial and research intrusion detection tools. Even for practitioners of intrusion detection, this book can be an eye-opener.
"Becky's book grounds the intrusion detection discussion in a way that is readable, informative, and practical." -- Gene Kim, Chief Technology Officer, Tripwire Security Systems, Inc.
"I cannot imagine a consulting expert in this field who will want to be without a copy of Becky's book. Corporate managers, directors, and legal counsel need to digest these arguments as well." -- Fred Chris Smith, Attorney, Santa Fe, New Mexico.
" There is plenty here to point the needful System Administrator in the direction of an intrusion detection system appropriate for his current envisioned needs. But this book does much more: It provides solid perspective in a field where empty claims often dominate, and it will provide insights needed to cope with situations where existing products fall short or fail altogether to protect a system. I am certain that this book will become an industry standard in intrusion detection as a discipline." -- Marvin Schaefer, Chief Scientist, Vice-President, Arca Systems
"This book bridges a critical gap in the reference market. It encompasses both the principles of intrusion detection and a wealth of specific examples, enabling the reader to form a sound basis for understanding and evaluating what is happening in the field. This book demystifies intrusion detection without oversimplifying the problem" -- Ruth Nelson, President, Information System Security