NDR ESSENTIALS EBOOK

References

Drain CVR by Mandiant, 2016. Published by NIST. Read here

Cats Got Your Files: Lynx Ransomware by The DFIR Report Security Team, November 2025. Published by The DFIR Report. Read here

Can We Have NDR Please? by Anton Chuvakin, September 18, 2018. Published by Gartner. Read here

Applying Network-Centric Approaches for Threat Detection and Response, by Gartner, March 2019. Published by Gartner. Read here (login required)

Market Guide for Network Detection and Response, by Gartner, June 2020. Published by Gartner. Read here (login required)

The Tao of Network Security Monitoring: Beyond Intrusion Detection by Richard Bejtlich, 2004. Published by Addison-Wesley Professional. Learn more

New Network-Based Detections and Improved Device Discovery Using Zeek, by Elad Solomon, October 20, 2022. Published by Microsoft. Read here

Enabling SOHO Network Security Monitoring, by Richard Bejtlich, October 19, 2022. Published by Corelight. Read here

Impacket - Collection of Python classes for working with network protocols by Fortra, LLC Read here

Corelight Investigator by Corelight, Inc. Read here

Cobalt Strike, a Defender’s Guide - Part 2 by The DFIR Report. January 24, 2022 Read here