RENT TEXTBOOKS

Security Information and Event Management (SIEM) Implementation

by: Miller, David; Harris, Shon; Harper, Allen; VanDyke, Stephen; Blask, Chris

ISBN: 9780071701099 | 0071701095

Edition: 1st
Format: Paperback
Publisher: McGraw-Hill Osborne Media
Pub. Date: 10/25/2010

Why Rent from Knetbooks?

Because Knetbooks knows college students. Our rental program is designed to save you time and money. Whether you need a textbook for a semester, quarter or even a summer session, we have an option for you. Simply select a rental period, enter your information and your book will be on its way!

Top 5 reasons to order all your textbooks from Knetbooks:

We have the lowest prices on thousands of popular textbooks
Free shipping both ways on ALL orders
Most orders ship within 48 hours
Need your book longer than expected? Extending your rental is simple
Our customer support team is always here to help

Summary Table of Contents Author Biography

Written by security and compliance experts and speakers, Security Information and Event Management Implementation shows IT professionals how to effectively implement SIEM in order to efficiently analyze and report data, respond effectively to inside and outside threats, and follow compliance regulations.About the Book SIEM technology provides real-time analysis of security alerts generated by network hardware and applications. SIEM solutions come as software, appliances, or managed services and enable companies to respond to attacks faster, log... MORE security data and generate compliance reports. In spite of the economic downturn, the Security Information and Event Management marketplace is growing rapidly. There are several factors driving the rise of the SIEM market: it is ideal for reporting and compliance, exposes internal and external threats, improves operational efficiencies while cutting administrative expenses, and the technology's flexibility allows it to be used as a managed service.EMC, IBM, Novell, Cisco, CheckPoint, Symantec, CA, Attachmate, Q1Labs, eIQ Networks, SenSage and others all have SIEM products. Because of the technology's relatively new emergence in the marketplace, there are few publications that address more than one vendor's product. SIEM Implementation shows how to implement multiple products, and also discusses the strengths, weaknesses, and advanced tuning of these various systems. SIEM Implementation covers the gamut of topics a network administrator or security professional needs - from basic concepts and components to high-level configuration, analysis, interpretation and response. It aids in the performance of risk analysis, threat detection, threat analysis and threat response for IT systems and businesses of every size.This book also shows the separate pieces that make up a complete and cohesive SIEM. These pieces are what most small and medium size businesses are forced to implement, due to the relatively high cost to acquire, implement, maintain and reap benefits from the full scale SIEM systems. This teaches the IT professional how to implement a more integrated collection of discrete SIEM pieces, approaching similar utility of a full featured SIEM tool. Further, SIEM Implementation shows readers how to use the SIEM tool to develop business intelligence, beyond the realm of being just a fancy security tool.SIEM Implementation is a valuable addition to our security plan for 2010.Security Plan / Pub Date Mobile Application Security - Spring 2009 Hacking Exposed Virtualization - Summer 2010 Empirical Security: Protecting Data with Metrics - Summer 2010 Security Information and Event Management (SIEM) - Summer 2010 Hacking Evolved - Fall 2010 Hacking Exposed Web Applications, 3rd Edition - Fall 2010 Hacking Exposed Wireless, 2nd Edition - Fall 2010Key Selling Features Includes a Smartbook ' a knowledge base of business use cases: real world examples of business needs that can be satisfied by using a finely tuned SIEM system. Covers the top SIEM products/vendors: ArcSight, Q1 QRadar, and Cisco MARS Authors are security, SIEM, and compliance experts who speak globally around the world, are famous published authors, and have close ties with the government and multiple corporate vendors. Foreword by Shon Harris Includes product feature summaries, and analysis and trending examples Covers regulatory compliance issues Provides Incident Response solutionsMarket / Audience Targeted at IT/security professionals and compliance professionals Fueled originally by stealthy threats such as worms and more recently by compliance, the SIEM market is projected to grow from about $380 million last year to $873 million in 2010, according to research firm IDC. RSA Security, the security division of EMC, estimates that the SIEM market is expanding at a rate of between 25 percent and 35 pe

"Effectively manage the security information and events produced by your network with help from this authoritative guide. Written by IT security experts, Security Information and Event Management (SIEM) Implementation shows you how to deploy SIEM technologies to monitor, identify, document, and respond to security threats and reduce false-positive alerts. The book explains how to implement SIEM products from different vendors, and discusses the strengths, weaknesses, and advanced tuning of these systems. You'll also learn how to use SIEM capabilities for business intelligence. Real-world case studies are included in this comprehensive resource"--

Implement a robust SIEM systemEffectively manage the security information and events produced by your network with help from this authoritative guide. Written by IT security experts,Security Information and Event Management (SIEM) Implementationshows you how to deploy SIEM technologies to monitor, identify, document, and respond to security threats and reduce false-positive alerts. The book explains how to implement SIEM products from different vendors, and discusses the strengths, weaknesses, and advanced tuning of these systems. You'll also learn how to use SIEM capabilities for business intelligence. Real-world case studies are included in this comprehensive resource. Assess your organization's business models, threat models, and regulatory compliance requirements Determine the necessary SIEM components for small- and medium-size businesses Understand SIEM anatomysource device, log collection, parsing/normalization of logs, rule engine, log storage, and event monitoring Develop an effective incident response program Use the inherent capabilities of your SIEM system for business intelligence Develop filters and correlated event rules to reduce false-positive alerts Implement AlienVault's Open Source Security Information Management (OSSIM) Deploy the Cisco Monitoring Analysis and Response System (MARS) Configure and use the Q1 Labs QRadar SIEM system Implement ArcSight Enterprise Security Management (ESM) v4.5 Develop your SIEM security analyst skills

Shows how to implement SIEM to efficiently analyze and report data, respond to inside and outside threats, and follow compliance regulations

Part I: Introduction to SIEM: Threat Intelligence for IT Systems
Chapter 1 Business Models
Chapter 2 Threat Models
Chapter 3 Regulatory Compliance
Part II: IT Threat Intelligence Using SIEM Systems
Chapter 4 SIEM Concepts - Components for small and medium size businesses
Chapter 5 The Anatomy of a SIEM
Chapter 6 Incident Response
Chapter 7 Using SIEM for Business Intelligence
Part III: SIEM Tools
Chapter 8 AlienVault OSSIM Implementation
Chapter 9 AlienVault OSSIM Operation
Chapter 10 Ci... MORE

Author Profiles
David R. Miller (SME, MCT, MCITPro Windows Server 2008 Enterprise Administrator, MCSE Windows NT 4.0, 2000, and Server 2003:Security, CISSP, LPT, ECSA, CEH, CWNA, CCNA, CNE, Security+, A+, N+). David is an IT security consultant specializing in information systems security, compliance and network engineering.

Zachary Payton (CCNP, Linux+, CEH) is President and CEO Executive Instruments, Inc., an Information Security company based in the Washington DC area.

Allen Harper (CISSP) has served in the Marine Corps for 17 years as both an enlisted Marine and an officer. Currently, he is founder and President of N2NetSecurity, Inc., a consulting company specializing in advanced security and vulnerability analysis, penetration testing, SIEM implementation, and compliance.

Chris Blask is a seasoned security technology professional with 20 years experience in engineering and marketing information technologies and is currently on faculty at the Institute for Applied Network Security and is the Vice President of Business Development at N2NetSecurity, Inc.

Steve VanDyke (CISSP, BCCPA, BCCPP, MCSA, Security+, Network+). Stephen is a security analyst and network engineer with extensive experience with military IT system deployments and specialization in all things security.

Gabriel Mino (GIAC GCIA, GCIH, GREM, SSP-DRAP, SSP-MPA, Linux+, Security+). Gabriel Mino is a highly sought after Information Security analyst and consultant, instructor, researcher, penetration tester, and intrusion detection specialist.

Please wait while this item is added to your cart...