Security Information and Event Management

SIEM Implementation

David Miller, Shon Harris, Allen Harper , Stephen VanDyke

$182.95 $164.43

Paperback

Not in-store but you can order this
How long will it take?

Availability Information

We source books from suppliers in Australia and overseas. For books we don't currently have in stock, the time it takes to get them from our suppliers can vary widely - from a few days to a few months - so we check each book with each supplier to determine the expected time it will take to be supplied to us.

We then advise you accordingly. If the time taken to get any book is too long for you, you can let us know and we will cancel or adjust your order, and refund as required.

To find out the anticipated arrival time for specific items prior to ordering, please contact us by phone or email:

Phone +61 2 9264 3111, or 1800 4 BOOKS (1800 4 26657) if outside Sydney:
option 1 Abbey's Bookshop (Crime, History, Science, Kids & more) • info@abbeys.com.au
option 2 Language Book Centre (ESL & Foreign Languages) • language@abbeys.com.au
option 3 Galaxy Bookshop (Sci-fi, Fantasy, Romance, Graphic Novels) • sf@galaxybooks.com.au

QTY:

English

Osborne/McGraw-Hill
25 October 2010

Network programming; Computer networking & communications

Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.

Implement a robust SIEM system

Effectively manage the security information and events produced by your network with help from this authoritative guide. Written by IT security experts, Security Information and Event Management (SIEM) Implementation shows you how to deploy SIEM technologies to monitor, identify, document, and respond to security threats and reduce false-positive alerts. The book explains how to implement SIEM products from different vendors, and discusses the strengths, weaknesses, and advanced tuning of these systems. You’ll also learn how to use SIEM capabilities for business intelligence. Real-world case studies are included in this comprehensive resource.

Assess your organization’s business models, threat models, and regulatory compliance requirements Determine the necessary SIEM components for small- and medium-size businesses Understand SIEM anatomy—source device, log collection, parsing/normalization of logs, rule engine, log storage, and event monitoring

Develop an effective incident response program Use the inherent capabilities of your SIEM system for business intelligence Develop filters and correlated event rules to reduce false-positive alerts Implement AlienVault’s Open Source Security Information Management (OSSIM) Deploy the Cisco Monitoring Analysis and Response System (MARS) Configure and use the Q1 Labs QRadar SIEM system Implement ArcSight Enterprise Security Management (ESM) v4.5

Develop your SIEM security analyst skills

By: David Miller, Shon Harris, Allen Harper, Stephen VanDyke, Chris Blask
Imprint: Osborne/McGraw-Hill
Country of Publication: United States
Dimensions: Height: 231mm, Width: 185mm, Spine: 20mm
Weight: 759g
ISBN: 9780071701099
ISBN 10: 0071701095
Pages: 464
Publication Date: 25 October 2010
Audience: Professional and scholarly , Undergraduate
Format: Paperback
Publisher's Status: Active

Part I: Introduction to SIEM: Threat Intelligence for IT Systems Chapter 1 Business Models Chapter 2 Threat Models Chapter 3 Regulatory Compliance Part II: IT Threat Intelligence Using SIEM Systems Chapter 4 SIEM Concepts - Components for small and medium size businesses Chapter 5 The Anatomy of a SIEM Chapter 6 Incident Response Chapter 7 Using SIEM for Business Intelligence Part III: SIEM Tools Chapter 8 AlienVault OSSIM Implementation Chapter 9 AlienVault OSSIM Operation Chapter 10 Cisco Security-MARS Implementation Chapter 11 Cisco Security-MARS Advanced Techniques Chapter 12 Q1 Labs QRadar Implementation Chapter 13 Q1 Labs QRadar Advanced Techniques Chapter 14 ArcSight Implementation Chapter 15 ArcSight ESM Advanced Techniques Appendix: The Ways and Means of the Security Analyst

Shon Harris is the founder and CEO of Logical Security LLC, an information security consultant, a former engineer in the Air Forces Information Warfare unit, an instructor and an author. She has authored several international bestselling books on information security published by McGraw-Hill and Pearson which has sold over a million copies and have been translated into six languages. Ms. Harris authors academic textbooks, security articles for publication and is a technical editor for Information Security Magazine. Ms. Harris has consulted for a large number of organizations in every business sector (financial, medical, retail, entertainment, utility) and several U.S. government agencies over the last 18 years. Ms. Harris provides high-end, advanced and specialized consulting for organizations globally. She also works directly with law firms as a technical and expert witness on cases that range from patent infringement, criminal investigations, civil lawsuits and she specializes in cryptographic technologies. Ms. Harris has taught information security to a wide range of clients over the last 18 years, some of which have included; West Point, Microsoft, DHS, DoD, DoE, NSA, FBI, NASA, CDC, PWC, DISA, RSA, Visa, Intel, Cisco, Oracle, HP, Boeing, Northrop Grumman, Shell, Verizon, Citi, BoA, HSBC, Morgan Stanley, Symantec, Warner Brothers, Bridgestone, American Express, etc. Ms. Harris was recognized as one of the top 25 women in the Information Security field by Information Security Magazine.