Data Engineering for Cybersecurity

James Bonifield

$100

Paperback

Forthcoming
Pre-Order now

QTY:

English

No Starch Press,US
26 August 2025

Computer programming & software development; Computer security; Network security

Turn raw logs into real intelligence.

Turn raw logs into real intelligence.

Security teams rely on telemetry-the continuous stream of logs, events, metrics, and signals that reveal what's happening across systems, endpoints, and cloud services. But that data doesn't organize itself. It has to be collected, normalized, enriched, and secured before it becomes useful. That's where data engineering comes in.

In this hands-on guide, cybersecurity engineer James Bonifield teaches you how to design and build scalable, secure data pipelines using free, open source tools such as Filebeat, Logstash, Redis, Kafka, and Elasticsearch and more. You'll learn how to collect telemetry from Windows including Sysmon and PowerShell events, Linux files and syslog, and streaming data from network and security appliances. You'll then transform it into structured formats, secure it in transit, and automate your deployments using Ansible.

You'll also learn how to-

Encrypt and secure data in transit using TLS and SSH Centrally manage code and configuration files using Git Transform messy logs into structured events Enrich data with threat intelligence using Redis and Memcached Stream and centralize data at scale with Kafka Automate with Ansible for repeatable deployments

Whether you're building a pipeline on a tight budget or deploying an enterprise-scale system, this book shows you how to centralize your security data, support real-time detection, and lay the groundwork for incident response and long-term forensics.

By: James Bonifield
Imprint: No Starch Press,US
Country of Publication: United States
Dimensions: Height: 234mm, Width: 177mm,
Weight: 369g
ISBN: 9781718504028
ISBN 10: 1718504020
Pages: 336
Publication Date: 26 August 2025
Audience: Professional and scholarly , Undergraduate
Format: Paperback
Publisher's Status: Forthcoming

Acknowledgments Introduction Part I: Foundations of Secure Data Engineering Chapter 1: Data Engineering Basics Chapter 2: Network Encryption Chapter 3: Source and Configuration Management Part II: Log Extraction and Management Chapter 4: Endpoint and Network Data Chapter 5: Windows Logs Chapter 6: Integrating and Storing Data Chapter 7: Working with Syslog Data Part III: Data Transformation and Standardization Chapter 8: Data Manipulation Pipelines Chapter 9: Transformation Filters Part IV: Data Centralization, Automation, and Enrichment Chapter 10: Centralizing Security Data Chapter 11: Automating Tool Configurations Chapter 12: Ansible Tasks and Playbooks Chapter 13: Caching Threat Intelligence Data Index

James Bonifield has over a decade of experience analyzing malicious activity, implementing data pipelines, and training others in the security industry. He has built enterprise-scale log solutions, automated detection workflows, and led analyst teams investigating major cyber threat actors. Bonifield holds numerous certifications and enjoys spending time with his family, traveling, and tinkering with all things security and Python related.