How to Use This Library
Each link is chosen because it is stable, widely cited, or directly useful in practical work. If a topic feels overwhelming, start with one standard, one tool, and one lab exercise, then iterate.
Library
Network security is easiest to learn when you anchor your understanding in primary sources. This page brings together standards, authoritative guidance, tool documentation, and a small set of classic papers that shaped modern network monitoring and intrusion detection.
Standards and RFCs
Frameworks and Guidance
- NIST Cybersecurity Framework
- NIST SP 800-61r3 (Incident Response, final)
- CIS Controls v8
- MITRE ATT&CK
- CISA Known Exploited Vulnerabilities Catalog
Visibility and Detection
- Wireshark Documentation
- Zeek Documentation
- Zeek Research Publications List
- Suricata Documentation
- Nmap Reference Guide
Cloud and Zero Trust
- NIST SP 800-207 (Zero Trust Architecture)
- AWS Documentation
- Microsoft Azure Documentation
- Google Cloud Documentation
Foundational Papers
Reading a few classic papers helps you see why modern tools look the way they do. These are well known, widely cited starting points.
- Bro: A System for Detecting Network Intruders in Real-Time (USENIX, page)
- Bro paper PDF (USENIX legacy)
- Snort: Lightweight Intrusion Detection for Networks (USENIX, PDF)
Practice Platforms
What JINS Prioritizes
- Primary Sources First: Standards, vendor docs, and reputable frameworks come before summaries.
- Evidence-Driven Thinking: Traffic captures, logs, and reproducible steps are how you learn faster.