Read more
Informationen zum Autor Shon Harris is the founder and CEO of Logical Security LLC, an information security consultant, a former engineer in the Air Force’s Information Warfare unit, an instructor and an author. She has authored several international bestselling books on information security published by McGraw-Hill and Pearson which has sold over a million copies and have been translated into six languages. Ms. Harris authors academic textbooks, security articles for publication and is a technical editor for Information Security Magazine. Ms. Harris has consulted for a large number of organizations in every business sector (financial, medical, retail, entertainment, utility) and several U.S. government agencies over the last 18 years. Ms. Harris provides high-end, advanced and specialized consulting for organizations globally. She also works directly with law firms as a technical and expert witness on cases that range from patent infringement, criminal investigations, civil lawsuits and she specializes in cryptographic technologies. Ms. Harris has taught information security to a wide range of clients over the last 18 years, some of which have included; West Point, Microsoft, DHS, DoD, DoE, NSA, FBI, NASA, CDC, PWC, DISA, RSA, Visa, Intel, Cisco, Oracle, HP, Boeing, Northrop Grumman, Shell, Verizon, Citi, BoA, HSBC, Morgan Stanley, Symantec, Warner Brothers, Bridgestone, American Express, etc. Ms. Harris was recognized as one of the top 25 women in the Information Security field by Information Security Magazine. Klappentext Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product. Implement a robust SIEM system Effectively manage the security information and events produced by your network with help from this authoritative guide. Written by IT security experts, Security Information and Event Management (SIEM) Implementation shows you how to deploy SIEM technologies to monitor, identify, document, and respond to security threats and reduce false-positive alerts. The book explains how to implement SIEM products from different vendors, and discusses the strengths, weaknesses, and advanced tuning of these systems. You'll also learn how to use SIEM capabilities for business intelligence. Real-world case studies are included in this comprehensive resource. Assess your organization's business models, threat models, and regulatory compliance requirementsDetermine the necessary SIEM components for small- and medium-size businessesUnderstand SIEM anatomy-source device, log collection, parsing/normalization of logs, rule engine, log storage, and event monitoring Develop an effective incident response programUse the inherent capabilities of your SIEM system for business intelligenceDevelop filters and correlated event rules to reduce false-positive alertsImplement AlienVault's Open Source Security Information Management (OSSIM)Deploy the Cisco Monitoring Analysis and Response System (MARS)Configure and use the Q1 Labs QRadar SIEM systemImplement ArcSight Enterprise Security Management (ESM) v4.5 Develop your SIEM security analyst skills Zusammenfassung Shows how to implement SIEM to efficiently analyze and report data! respond to inside and outside threats! and follow compliance regulations Inhaltsverzeichnis Part I: Introduction to SIEM: Threat Intelligence for IT Systems Chapter 1 Business Models Chapter 2 Threat Models Chapter 3 Regulatory Compliance Part II: IT Threat Intelligence Using SIEM Systems Chapter 4 SIEM Concepts - Components for small and medium size businesses Chapter 5 The Anatomy of a SIEM Chapter 6 Incident Response Chapter 7 Using SIEM for Business Intelligence Part III: SIEM Tools Chapter 8 AlienVault OSSIM Implementation Chapter 9 AlienVa...
