![\"The](\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/SIEM-books-MOD.jpg\" "\\"The")
<\/p>\n<\/p>\n
Sometimes, the key to technological advancement is decidedly old-school.<\/span><\/p>\n Security information and event management (SIEM) is an essential component of any enterprise-level security toolbox\u2014especially as the cybersecurity paradigm shifts from a prevention-based model to a detection model.<\/span><\/p>\n Making sure your team understands your SIEM solution<\/a> is a significant and vital hurdle. SIEM does have a reputation, perhaps well-deserved, for being the most complicated of the cybersecurity fields. Your IT security team needs to understand how to manage new capabilities in your SIEM solution in order to best understand how to protect your enterprise. <\/span><\/p>\n There are loads of free resources available online (such as Solutions Review\u2019s best practices articles, solutions directories<\/a>, and buyer\u2019s guides<\/a>), and those resources are great, but sometimes it\u2019s best to do things the old-fashioned way\u2026 and there are few resources that can match the in-depth, comprehensive detail of good SIEM books.<\/span><\/p>\n We compiled a short list of the top introductory SIEM<\/a> books. We tried to keep our selection of SIEM books to within the past 5 years, and that each is its own kind of rewarding reading experience. All of them focus on what must seem like the left or right of SIEM, yet SIEM is a broad and expanding field. Network monitoring, incident response, and security operations centers all fall under its purview.\u00a0\u00a0<\/span><\/p>\n You can purchase Chris Sanders\u2019 and Jason\u2019s Smith\u2019s <\/span>Applied Network Security Monitoring: Collection, Detection, and Analysis <\/span><\/i>here<\/span><\/a>. <\/span><\/p>\n Whether you count this among endpoint security books or SIEM books, a valuable read. <\/span><\/p>\n You can purchase Richard Bejtlich\u2019s <\/span>The Practice of Network Security Monitoring: Understanding Incident Detection and Response <\/span><\/i>here<\/span><\/a>. <\/span><\/p>\n You can purchase Arun E. Thomas\u2019 <\/span>Security Operations Center – Analyst Guide: SIEM Technology, Use Cases and Practices <\/span><\/i>here<\/span><\/a>. <\/span><\/p>\n This book can be counted among both SIEM books and cybersecurity books in general. It is an essential read to security team members. \u00a0\u00a0<\/span><\/p>\n You can purchase Don Murdoch\u2019s <\/span>Blue Team Handbook <\/span><\/i>here<\/span><\/a>. \u00a0<\/span><\/p>\n One common topic among our SIEM books is incident response, and it is no surprise why. Being able to detect and respond to a threat that has already penetrated your network is of the utmost importance. <\/span><\/p>\n You can purchase Jeff Bollinger\u2019s, Brandon Enright\u2019s, and Matthew Valites\u2019 <\/span>Crafting the InfoSec Playbook <\/span><\/i>here<\/span><\/a>. <\/span><\/p>\n You can purchase Gerard Johansen\u2019s <\/span>Digital Forensics and Incident Response<\/span><\/i> here<\/span><\/a>. \u00a0<\/span><\/p>\n You can purchase Scott J. Robert\u2019s and Rebekah Brown\u2019s <\/span>Intelligence-Driven Incident Response <\/span><\/i>here<\/span><\/a>. <\/span><\/p>\n You can purchase Michael J. Melone\u2019s and Dr. Shannon Zinck\u2019s <\/span>Think Like a Hacker: A Sysadmin’s Guide to Cybersecurity <\/span><\/i>here<\/span><\/a>.<\/span><\/p>\n
Widget not in any sidebars
<\/span><\/p>\n<\/div>Applied Network Security Monitoring: Collection, Detection, and Analysis<\/b><\/h3>\nBy Chris Sanders and Jason Smith <\/span><\/h4>\n
![\"Applied](\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Applied-Network-Security-Monitoring-MOD.jpg\")
<\/a>Network security monitoring is based on the principle that prevention eventually fails. In the current threat landscape, no matter how much you try, motivated attackers will eventually find their way into your network. At that point, your ability to detect and respond to that intrusion can be the difference between a small incident and a major disaster.<\/span><\/i><\/p>\n<\/div><\/b>The Practice of Network Security Monitoring: Understanding Incident Detection and Response<\/b><\/h3>\nBy Richard Bejtlich <\/span><\/h4>\n
![\"Network](\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Network-Security-Monitoring-MOD.jpg\")
<\/a>Network security is not simply about building impenetrable walls\u2014determined attackers will eventually overcome traditional defenses. The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions.<\/span><\/i><\/p>\n<\/div><\/b>Security Operations Center – Analyst Guide: SIEM Technology, Use Cases and Practices<\/b><\/h3>\nBy Arun E. Thomas<\/span><\/h4>\n
![\"security](\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Security-Operations-Center-Thomas-MOD.jpg\")
<\/a>Security analytics can be defined as the process of continuously monitoring and analyzing all the activities in your enterprise network to ensure the minimal number of occurrences of security breaches. [The] Security Analyst is the individual that is qualified to perform the functions necessary to accomplish the security monitoring goals of the organization. This book is intended to improve the ability of a security analyst to perform their day to day work functions in a more professional manner. <\/span><\/i><\/p>\n<\/div><\/b>Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder.<\/b><\/h3>\nBy Don Murdoch GSE <\/span><\/h4>\n
![\"blue](\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Blue-Team-Handbook-MOD.jpg\")
<\/a>The BTHb includes essential information in a condensed handbook format. Main topics include the incident response process, how attackers work, common tools for incident response, a methodology for network analysis, common indicators of compromise, Windows and Linux analysis processes, tcpdump usage examples, Snort IDS usage, packet headers, and numerous other quick reference topics.<\/span><\/i><\/p>\n<\/div><\/b>Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan<\/b><\/h3>\nBy Jeff Bollinger, Brandon Enright, and Matthew Valites<\/span><\/h4>\n
![\"Crafting](\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Crafting-the-InfoSec-Playbook-MOD.jpg\")
<\/a>Any good attacker will tell you that expensive security monitoring and prevention tools aren\u2019t enough to keep you secure. This practical book demonstrates a data-centric approach to distilling complex security monitoring, incident response, and threat analysis ideas into their most basic elements. You\u2019ll learn how to develop your own threat intelligence and incident detection strategy, rather than depend on security tools alone.<\/span><\/i><\/p>\n<\/div><\/b>Digital Forensics and Incident Response: A practical guide to deploying digital forensic techniques in response to cyber security incidents<\/b><\/h3>\nBy Gerard Johansen <\/span><\/h4>\n
![\"Digital](\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Digital-Forensics-and-Incident-Response-MOD.jpg\")
<\/a>Digital Forensics and Incident Response will guide you through the entire spectrum of tasks associated with incident response, starting with preparatory activities associated with creating an incident response plan and creating a digital forensics capability within your own organization. <\/span><\/i><\/p>\n<\/div><\/b>Intelligence-Driven Incident Response: Outwitting the Adversary<\/b><\/h3>\nBy Scott J. Roberts and Rebekah Brown <\/span><\/h4>\n
![\"Intelligence](\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Intelligence-Driven-Incident-Response-MOD.jpg\")
<\/a>Using a well-conceived incident response plan in the aftermath of an online security breach enables your team to identify attackers and learn how they operate. But, only when you approach incident response with a cyber threat intelligence mindset will you truly understand the value of that information. With this practical guide, you\u2019ll learn the fundamentals of intelligence analysis\u2026<\/span><\/i><\/p>\n<\/div><\/b>Think Like a Hacker: A Sysadmin’s Guide to Cybersecurity<\/b><\/h3>\nBy Michael J. Melone and Dr. Shannon Zinck<\/span><\/h4>\n
![\"Thinking](\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Thinking-like-a-Hacker-MOD.jpg\")
<\/a>Targeted attack and determined human adversaries (DHA) have changed the information security game forever. Writing secure code is as important as ever; however, this satisfies only one piece of the puzzle. Effective defense against targeted attack requires IT professionals to understand how attackers use – and abuse – enterprise design to their advantage. Learn how advanced attackers break into networks. <\/span><\/i><\/p>\n
![\"Download](\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/02\/SIEM_VM_SB.jpg\")
<\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"