Security Intelligence: A Practitioner's Guide to Solving Enterprise Security Challenges
M**S
I enjoyed this book
I enjoyed this book; it provides a great analysis of proxy deployments, usage, technical aspects and processes. Security ideas are also provided, and issues for malware and policy enforcement, although on the malware side it more conveys ideas or other research, and I felt this could have been better used in chapter 5, "Malnet Detection Techniques". Chapter 4 provided a great overview of malware distribution concepts and threats, but then chapter 5 becomes a high-level concept of machine learning, research or naming of product areas, and while important, this could have been greatly improved by covering web exploits, malware distribution and detection, even over several chapters, in a more general way that could be applied through proxy, malware or log analysis, so I feel this was a missed opportunity to elevate these central chapters. There are good overviews of application detection, data storage concepts etc. later in the book also, and enough topics are covered to make it interesting. Also, while the book stays largely vendor agnostic, which is a major plus, each product area covered lines up with the different authors' company, although this is understandable.

So to sum up:

- Great overview of proxy setups and inner workings which is vendor agnostic. Overall the book is wonderfully detailed about proxy inner workings.
- Great analysis of creating proxy policies but, more importantly, the technical application of it and its workings.
- Does dive into machine learning concepts in terms of malware detection, proxy application detection etc., which, while great for understanding proxies and thus learning to make a more accurate analysis of suitable solutions, provides little applicable information unless you are actively implementing such technologies. I feel this overview of machine learning and classification concepts is important, as many security books shy away from this, but given more products touting machine learning security applications in some form, and both the need to understand and validate such claims and also the future applications of machine learning in computer security, it is welcome.
- Missed opportunity on the malware/malnet detection chapter. I would rather have seen discussions and analysis of exploit kits/drive-by exploits, malware detection, emulation and sandboxing, and generally hunting out threats through web crawlers, honeyclients etc. in detail rather than just a passing mention, although this could be an entire book in itself.

So I would say if you have to look after proxies this is a great book, while also expanding your knowledge in other areas, even though these areas could have done with a combination of more general application.