![\"SIEMbooks\"](\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/03\/SIEMbooks.jpg\")
Security Information and Event Management (SIEM) \u00a0solutions are an essential part of the enterprise security toolkit, but they\u2019re also some of the most complicated products on the market.<\/p>\nSecurity Information and Event Management (SIEM) \u00a0solutions are an essential part of the enterprise security toolkit, but they\u2019re also some of the most complicated products on the market.<\/p>\n
For those information security professionals trying to push their organization into the modern era of SIEM, it can be difficult to know where to start. IT workers and CISOs looking for a new SIEM solution need a comprehensive overview in order to correctly plan, assess and deploy the right SIEM solutions for their organization and device a strong business case for the technology.<\/p>\n
There are loads of free resources available online (such as Solutions Review\u2019s best practices articles, solutions directories, and buyer\u2019s guides<\/a>), and those resources are great, but sometimes it\u2019s best to do things the old-fashioned way\u2026 there are few resources that can match the in-depth, comprehensive detail of good books about SIEM.<\/p>\n We compiled a short list of the top twelve introductory books about SIEM and log management available today, listed in no particular order. We have also built a small SIEM book library<\/a> on this site which you can access here.<\/p>\n Please note that several of these books about SIEM have been in print for years and will not be up-to-date on the current range of SIEM solutions on the market. However, despite their age these books about SIEM still function well as high-altitude introductions to concepts and ideas that professionals building SIEM business plans need to be familiar with.<\/p>\n Security Information and Event Management (SIEM) Implementation (Network Pro Library)\u00a0<\/strong> “The book explains how to implement SIEM products from different vendors, and discusses the strengths, weaknesses, and advanced tuning of these systems. You\u2019ll also learn how to use SIEM capabilities for business intelligence. Real-world case studies are included in this comprehensive resource.”<\/em> Security Risk Management: Building an Information Security Risk Management Program from the Ground Up<\/strong> “This book will help you to break free from the so-called ‘best practices’ argument by articulating risk exposures in business terms. You will learn techniques for how to perform risk assessments for new IT projects, how to efficiently manage daily risk activities, and how to qualify the current risk level for presentation to executive level management. While other books focus entirely on risk analysis methods, this is the first comprehensive guide for managing security risks.”<\/em> Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management<\/strong> “The book consists of 22 chapters that cover the basics of log data; log data sources; log storage technologies; a case study on how Syslog-ng is deployed in a real environment for log collection; covert logging; planning and preparing for the analysis log data; simple analysis techniques; and tools and techniques for reviewing logs for potential problems.”<\/em> Data-Driven Security: Analysis, Visualization and Dashboards<\/strong> “Everything in this book will have practical application for information security professionals.”<\/em> Network Security Through Data Analysis: Building Situational Awareness<\/strong> “Divided into three sections, this book examines the process of collecting and organizing data, various tools for analysis, and several different analytic scenarios and techniques. It\u2019s ideal for network administrators and operational security analysts familiar with scripting.”<\/em> by Corey Schou and Steve Hernandez<\/p>\n “This practical resource leads you through building an IT strategy and offers an organizational approach to identifying, implementing, and controlling information assurance initiatives for small businesses and global enterprises alike.”<\/em><\/p>\n “Common threats and vulnerabilities are described and applicable controls based on risk profiles are provided. Practical information assurance application examples are presented for select industries, including healthcare, retail, and industrial control systems. Chapter-ending critical thinking exercises reinforce the material covered. An extensive list of scholarly works and international government standards is also provided in this detailed guide.”<\/em> by Chris Davis and Mike Schiller<\/p>\n “Fully updated to cover leading-edge tools and technologies, IT Auditing: Using Controls to Protect Information Assets, Second Edition<\/i>, explains, step by step, how to implement a successful, enterprise-wide IT audit program. New chapters on auditing cloud computing, outsourced operations, virtualization, and storage are included.<\/em><\/p>\n This comprehensive guide describes how to assemble an effective IT audit team and maximize the value of the IT audit function. In-depth details on performing specific audits are accompanied by real-world examples, checklists and valuable templates.”<\/em> by James Stewart, Mike Chapple and Darril Gibson<\/p>\n “Covers 100% of exam 2015 CISSP (ISC)2 candidate information bulletin objectives including, Access Control, Application Development Security, Business Continuity and Disaster Recovery Planning, Cryptography and much more.<\/em><\/p>\n …Coverage of all of the exam topics in the book means you’ll be ready for: Security and Risk Management Asset Security, Security Engineering Communication and Network Security, Identity and Access Management, Security Assessment, and Testing Security Operations Software Development Security.”<\/em><\/p>\n Learn More<\/a> by N. K. McCarthy, Matthew Todd, Jeff Klaben<\/p>\n “Shows you how to build and manage successful response plans for the cyber incidents that have become inevitable for organizations of any size. Find out why these plans work. Learn the step-by-step process for developing and managing plans.<\/em><\/p>\n -Contains the essentials for developing both data breach and malware outbreak response plans\u2015and best practices for maintaining those plans<\/em><\/p>\n -Features ready-to-implement CIRPs\u2015derived from living incident response plans that have survived the rigors of repeated execution and numerous audits<\/em><\/p>\n -Clearly explains how to minimize the risk of post-event litigation, brand impact, fines and penalties\u2015and how to protect shareholder value<\/em><\/p>\n -Supports corporate compliance with industry standards and requirements, including PCI, HIPAA, SOX, and CA SB-24<\/em>“<\/em><\/p>\n Learn More<\/a><\/p>\n by Richard Bejtlich<\/p>\n “There’s no foolproof way to keep attackers out of your network. But when they get in, you’ll be prepared. The Practice of Network Security Monitoring will show you how to build a security net to detect, contain, and control them.<\/em><\/p>\n In The Practice of Network Security Monitoring<\/i>, Mandiant CSO Richard Bejtlich shows you how to use NSM to add a robust layer of protection around your networks \u2014 no prior experience required. To help you avoid costly and inflexible solutions, he teaches you how to deploy, build, and run an NSM operation using open source software and vendor-neutral tools.”<\/em> Learn More<\/a><\/p>\n by Caroline Wong<\/p>\n “Learn how to communicate the value of an information security program, enable investment planning and decision making, and drive necessary change to improve the security of your organization. Security Metrics: A Beginner’s Guide<\/i> explains, step by step, how to develop and implement a successful security metrics program.<\/em><\/p>\n This practical resource covers project management, communication, analytics tools, identifying targets, defining objectives, obtaining stakeholder buy-in, metrics automation, data quality, resourcing and cloud-based security metrics.”<\/em> Learn More<\/a><\/p>\n by Stuart McClure, Joe Scambray, and George Kurtz<\/p>\n “Bolster your system\u2019s security and defeat the tools and tactics of cyber-criminals with advice and defense strategies from the world-renowned Hacking Exposed team. Case studies expose the hacker\u2019s latest devious methods and illustrate field-tested remedies.<\/em><\/p>\n Find out how to block infrastructure hacks, minimize advanced persistent threats, neutralize malicious code, secure web and database applications, and fortify UNIX networks.Hacking Exposed 7: Network Security Secrets & Solutions<\/i> contains all-new visual maps and a comprehensive \u201ccountermeasures cookbook.\u201d “<\/em> Learn More<\/a><\/p>\n by Chris Sanders and Jason Smith<\/p>\n “Applied Network Security Monitoring is the essential guide to becoming an NSM analyst from the ground up. This book takes a fundamental approach, complete with real-world examples that teach you the key concepts of NSM.<\/em><\/p>\n The book follows the three stages of the NSM cycle: collection, detection, and analysis. As you progress through each section, you will have access to insights from seasoned NSM professionals while being introduced to relevant, practical knowledge that you can apply immediately.”<\/em><\/p>\n Learn More<\/a><\/p>\n by Don Murdoch<\/p>\n
Widget not in any sidebars
<\/p>\n
\nby David R. Miller, Shon Harris, Alan Harper, Stephen VanDyke, and Chris Blask
\n![\"\"](\"https:\/\/ws-na.amazon-adsystem.com\/widgets\/q?_encoding=UTF8&ASIN=0071701095&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=solutionsre04-20\")
\n“Effectively manage the security information and events produced by your network with help from this authoritative guide. Written by IT security experts, Security Information and Event Management (SIEM) Implementation shows you how to deploy SIEM technologies to monitor, identify, document, and respond to security threats and reduce false-positive alerts.<\/em><\/p>\n
\nLearn More<\/a><\/p>\n
\n
\nby Evan Wheeler
\n![\"\"](\"https:\/\/ws-na.amazon-adsystem.com\/widgets\/q?_encoding=UTF8&ASIN=B004YKEANK&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=solutionsre04-20\")
\nThe goal of Security Risk Management is to teach you practical techniques that will be used on a daily basis\u00a0while also explaining the fundamentals so you understand the rationale behind these practices. Security professionals often fall into the trap of telling the business that they need to fix something, but they can\u2019t explain why.<\/em><\/p>\n
\nLearn More<\/a><\/p>\n
\n
\nby Anton A. Chuvakin and Kevin J. Schmidt
\n![\"\"](\"https:\/\/ws-na.amazon-adsystem.com\/widgets\/q?_encoding=UTF8&ASIN=1597496359&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=solutionsre04-20\")
\n“Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management introduces information technology professionals to the basic concepts of logging and log management. It provides tools and techniques to analyze log data and detect malicious activity.<\/em><\/p>\n
\nLearn More<\/a><\/p>\n
\n
\nby Jay Jacobs and Bob Rudis
\n![\"\"](\"https:\/\/ws-na.amazon-adsystem.com\/widgets\/q?_encoding=UTF8&ASIN=1118793722&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=solutionsre04-20\")
\n“Security professionals need all the tools at their disposal to increase their visibility in order to prevent security breaches and attacks. This careful guide explores two of the most powerful data analysis and visualization. You’ll soon understand how to harness and wield data, from collection and storage to management and analysis as well as visualization and presentation. Using a hands-on approach with real-world examples, this book shows you how to gather feedback, measure the effectiveness of your security methods, and make better decisions.<\/em><\/p>\n
\nLearn More<\/a><\/p>\n
\n
\nby Michael S. Collins
\n![\"\"](\"https:\/\/ws-na.amazon-adsystem.com\/widgets\/q?_encoding=UTF8&ASIN=1449357903&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=solutionsre04-20\")
\n“Traditional intrusion detection and log file analysis are no longer enough to protect today\u2019s complex networks. In this practical guide, security researcher Michael Collins shows you several techniques and tools for collecting and analyzing network traffic datasets. You\u2019ll understand how your network is used, and what actions are necessary to protect and improve it.<\/em><\/p>\n
\nLearn More<\/a>![\"\"](\"https:\/\/ir-na.amazon-adsystem.com\/e\/ir?t=solutionsre04-20&l=as2&o=1&a=0071821651\")
\n![\"\"](\"https:\/\/ws-na.amazon-adsystem.com\/widgets\/q?_encoding=UTF8&ASIN=0071821651&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=solutionsre04-20\")
Effective Computer Security and Risk Management Strategies<\/a><\/h5>\n
\nLearn More<\/a><\/p>\n
\n![\"\"](\"https:\/\/ws-na.amazon-adsystem.com\/widgets\/q?_encoding=UTF8&ASIN=0071742387&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=solutionsre04-20\")
![\"\"](\"https:\/\/ir-na.amazon-adsystem.com\/e\/ir?t=solutionsre04-20&l=as2&o=1&a=0071742387\")
\nLearn More<\/a>![\"\"](\"https:\/\/ir-na.amazon-adsystem.com\/e\/ir?t=solutionsre04-20&l=as2&o=1&a=1119042712\")
\n![\"\"](\"https:\/\/ws-na.amazon-adsystem.com\/widgets\/q?_encoding=UTF8&ASIN=1119042712&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=solutionsre04-20\")
CISSP Certified Information Systems Security Professional Study Guide<\/a><\/h5>\n
![\"\"](\"https:\/\/ir-na.amazon-adsystem.com\/e\/ir?t=solutionsre04-20&l=as2&o=1&a=007179039X\")
\n![\"\"](\"https:\/\/ws-na.amazon-adsystem.com\/widgets\/q?_encoding=UTF8&ASIN=007179039X&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=solutionsre04-20\")
The Computer Incident Response Planning Handbook<\/a><\/h5>\n
\n![\"\"](\"https:\/\/ws-na.amazon-adsystem.com\/widgets\/q?_encoding=UTF8&ASIN=1593275099&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=solutionsre04-20\")
The Practice of Network Security Monitoring<\/a><\/h5>\n
![\"\"](\"https:\/\/ir-na.amazon-adsystem.com\/e\/ir?t=solutionsre04-20&l=as2&o=1&a=0071744002\")
\n![\"\"](\"https:\/\/ws-na.amazon-adsystem.com\/widgets\/q?_encoding=UTF8&ASIN=0071744002&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=solutionsre04-20\")
Security Metrics – A Beginner’s Guide (1st Edition)<\/a><\/h5>\n
![\"\"](\"https:\/\/ir-na.amazon-adsystem.com\/e\/ir?t=solutionsre04-20&l=as2&o=1&a=0071780289\")
\n![\"\"](\"https:\/\/ws-na.amazon-adsystem.com\/widgets\/q?_encoding=UTF8&ASIN=0071780289&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=solutionsre04-20\")
Hacking Exposed 7: Network Security Secrets and Solutions<\/a><\/h5>\n
![\"\"](\"https:\/\/ir-na.amazon-adsystem.com\/e\/ir?t=solutionsre04-20&l=as2&o=1&a=0124172083\")
\n![\"\"](\"https:\/\/ws-na.amazon-adsystem.com\/widgets\/q?_encoding=UTF8&ASIN=0124172083&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=solutionsre04-20\")
Applied Network Security Monitoring: Collection, Detection & Analysis<\/a><\/h5>\n
\n![\"\"](\"https:\/\/ws-na.amazon-adsystem.com\/widgets\/q?_encoding=UTF8&ASIN=1500734756&Format=_SL160_&ID=AsinImage&MarketPlace=US&ServiceVersion=20070822&WS=1&tag=solutionsre04-20\")
Blue Team Handbook: Incident Response Edition<\/a><\/h5>\n
![\"\"](\"https:\/\/ir-na.amazon-adsystem.com\/e\/ir?t=solutionsre04-20&l=as2&o=1&a=0071701095\")
![\"\"](\"https:\/\/ir-na.amazon-adsystem.com\/e\/ir?t=solutionsre04-20&l=as2&o=1&a=B004YKEANK\")
![\"\"](\"https:\/\/ir-na.amazon-adsystem.com\/e\/ir?t=solutionsre04-20&l=as2&o=1&a=1597496359\")
![\"\"](\"https:\/\/ir-na.amazon-adsystem.com\/e\/ir?t=solutionsre04-20&l=as2&o=1&a=1118793722\")
![\"\"](\"https:\/\/ir-na.amazon-adsystem.com\/e\/ir?t=solutionsre04-20&l=as2&o=1&a=1449357903\")