SIEM technology provides real-time analysis of security alerts generated by network hardware and applications. SIEM solutions come as software, appliances, or managed services and enable companies to respond to attacks faster, log security data and generate compliance reports. In spite of the economic downturn, the Security Information and Event Management marketplace is growing rapidly. There are several factors driving the rise of the SIEM market: it is ideal for reporting and compliance, exposes internal and external threats, improves operational efficiencies while cutting administrative expenses, and the technology’s flexibility allows it to be used as a managed service.

EMC, IBM, Novell, Cisco, CheckPoint, Symantec, CA, Attachmate, Q1Labs, eIQ Networks, SenSage and others all have SIEM products. Because of the technology’s relatively new emergence in the marketplace, there are few publications that address more than one vendor’s product.  SIEM Implementation shows how to implement multiple products, and also discusses the strengths, weaknesses, and advanced tuning of these various systems.  SIEM Implementation covers the gamut of topics a network administrator or security professional needs – from basic concepts and components to high-level configuration, analysis, interpretation and response.  It aids in the performance of risk analysis, threat detection, threat analysis and threat response for IT systems and businesses of every size.

Written by security and compliance experts and speakers, Security Information and Event Management Implementation shows IT professionals how to effectively implement SIEM in order to efficiently analyze and report data, respond effectively to inside and outside threats, and follow compliance regulations. This book also shows the separate pieces that make up a complete and cohesive SIEM.  These pieces are what most small and medium size businesses are forced to implement, due to the relatively high cost to acquire, implement, maintain and reap benefits from the full scale SIEM systems.  This teaches the IT professional how to implement a more integrated collection of discrete SIEM pieces, approaching similar utility of a full featured SIEM tool.  Further, SIEM Implementation shows readers how to use the SIEM tool to develop business intelligence, beyond the realm of being just a fancy security tool.

SIEM Implementation is a valuable addition to our security plan for 2010.

Key Selling Features

• Includes a Smartbook – a knowledge base of business use cases: real world examples of business needs that can be satisfied by using a finely tuned SIEM system.
• Covers the top SIEM products/vendors: ArcSight, Q1 QRadar, and Cisco MARS
• Authors are security, SIEM, and compliance experts who speak globally around the world, are famous published authors, and have close ties with the government and multiple corporate vendors.
• Foreword by Shon Harris
• Includes product feature summaries, and analysis and trending examples
• Covers regulatory compliance issues
• Provides Incident Response solutions

Market / Audience

• Targeted at IT/security professionals and compliance professionals
• Fueled originally by stealthy threats such as worms and more recently by compliance, the SIEM market is projected to grow from about $380 million last year to $873 million in 2010, according to research firm IDC.
• RSA Security, the security division of EMC, estimates that the SIEM market is expanding at a rate of between 25 percent and 35 percent annually.

Author Profiles

David R. Miller (SME, MCT, MCITPro Windows Server 2008 Enterprise Administrator, MCSE Windows NT 4.0, 2000, and Server 2003:Security, CISSP, LPT, ECSA, CEH, CWNA, CCNA, CNE, Security+, A+, N+). David is an IT security consultant specializing in information systems security, compliance and network engineering. He is a lecturer, an author and technical editor of books, curriculum, certification exams and computer based training videos. He regularly performs as a Microsoft Subject Matter Expert (SME) on product lines including Microsoft Server 2008, Microsoft Exchange Server 2007 and Microsoft Windows Vista.

Shon Harris, CISSP, is the CEO of Logical Security, a computer security consultant, a former engineer in the Air Force’s Information Warfare unit, an instructor and an author.  She has authored three best selling CISSP books, is a contributing author to the book Gray Hat Hacking, and developed a full digital information security product series for Pearson publishing.  Shon was recognized as one of the top 25 women in the Information Security field by Information Security Magazine.

Allen Harper, CISSP, is founder and president of N2NetSecurity, Inc., a consulting company specializing in advanced security and vulnerability analysis, penetration testing, SIEM implementation, and compliance. He served as a security engineer in the U.S. Department of Defense, and is a coauthor of Gray Hat Hacking.

Stephen VanDyke, CISSP, BCCPA, BCCPP, MCSA, Security+, Network+, was a founding member of the U.S. Army Reserve global network Computer Emergency Response Team and helped design and deploy its NetForensics SIEM. He implemented high end, multi-tiered security systems for the Multi-National Force – Iraq (MNFI) network.

Chris Blask, Vice President of Marketing at AlienVault, is on the faculty at the Institute for Applied Network Security, Co-founded Protego Networks (now Cisco MARS) and founded Critical Infrastructure Cybersecurity company Lofty Perch. Chris invented the BorderWare Firewall Server in the early days of the Internet Security market and built the Cisco Systems firewall business.

Other Information:

Certified Information Systems Security Professional (CISSP)