Rating: 5 out of 5 stars
5/5
Ebook64 pages45 minutes
Operationalizing Information Security: Putting the Top 10 SIEM Best Practices to Work
By Scott Gordon
Rating: 0 out of 5 stars
()
About this ebook
Applying a top 10 best practices approach to leverage security information event management (SIEM), this e-book offers infosec professionals the means to gain more assured value from SIEM. Whether seeking to streamline incident response, automate compliance processes, better manage security and operational risk, or build out deployments, examine key process, metrics and technology considerations.
Author
Scott Gordon
Scott Gordon is a successful children's book author, with over two hundred books to his credit. He also writes science fiction, fantasy and horror under the pen name S.E. Gordon.
Read more from Scott Gordon
Alphabet All-Stars: Be Safe This Halloween: Alphabet All-Stars Scaredy-Monster Rating: 5 out of 5 stars5/5Alphabet All-Stars Rating: 0 out of 5 stars0 ratingsHappy New Year Rating: 0 out of 5 stars0 ratingsThe Penguin Way Rating: 0 out of 5 stars0 ratingsAlphabet All-Stars Spooktacular: 9 Spooky Halloween Stories for Children 9 and Up: Alphabet All-Stars Rating: 0 out of 5 stars0 ratings
Related to Operationalizing Information Security
Related ebooks
Security Operations: CISSP, #7 Rating: 0 out of 5 stars0 ratingsSecurity Operations Center - Analyst Guide: SIEM Technology, Use Cases and Practices Rating: 4 out of 5 stars4/5The Cybersecurity Maturity Model Certification (CMMC) – A pocket guide Rating: 0 out of 5 stars0 ratingsManaging Modern Security Operations Center & Building Perfect Career as SOC Analyst Rating: 0 out of 5 stars0 ratingsApplication Security in the ISO27001 Environment Rating: 0 out of 5 stars0 ratingsAsset Security: CISSP, #2 Rating: 0 out of 5 stars0 ratingsBuilding Effective Cybersecurity Programs: A Security Manager’s Handbook Rating: 4 out of 5 stars4/5Information Security Governance: A Practical Development and Implementation Approach Rating: 0 out of 5 stars0 ratingsApplication Security Program Handbook Rating: 0 out of 5 stars0 ratingsSecurity Operations Center - SIEM Use Cases and Cyber Threat Intelligence Rating: 0 out of 5 stars0 ratingsModern Cybersecurity Practices: Exploring And Implementing Agile Cybersecurity Frameworks and Strategies for Your Organization Rating: 0 out of 5 stars0 ratingsCyber Breach Response That Actually Works: Organizational Approach to Managing Residual Risk Rating: 0 out of 5 stars0 ratingsCybersecurity and Third-Party Risk: Third Party Threat Hunting Rating: 0 out of 5 stars0 ratingsIdentity and Access Management: CISSP, #5 Rating: 0 out of 5 stars0 ratingsSecurity Assessment and Testing: CISSP, #6 Rating: 2 out of 5 stars2/5Alice and Bob Learn Application Security Rating: 0 out of 5 stars0 ratingsSoftware Development Security: CISSP, #8 Rating: 0 out of 5 stars0 ratingsSecurity Engineering: CISSP, #3 Rating: 0 out of 5 stars0 ratingsAn Executive Guide to Identity Access Management - 2nd Edition Rating: 4 out of 5 stars4/5The Cyber Security Handbook – Prepare for, respond to and recover from cyber attacks Rating: 0 out of 5 stars0 ratingsBusiness Practical Security Rating: 0 out of 5 stars0 ratingsEffective Vulnerability Management: Managing Risk in the Vulnerable Digital Ecosystem Rating: 5 out of 5 stars5/5CompTIA CySA+ Certification The Ultimate Study Guide to Practice Questions With Answers and Master the Cybersecurity Analyst Exam Rating: 0 out of 5 stars0 ratingsCertified Cybersecurity Compliance Professional Rating: 5 out of 5 stars5/5Risk Management and Information Systems Control Rating: 5 out of 5 stars5/5Secure Your Business: Insights to Governance, Risk, Compliance & Information Security Rating: 0 out of 5 stars0 ratingsNine Steps to Success: An ISO27001:2013 Implementation Overview Rating: 1 out of 5 stars1/5Cyber Intelligence-Driven Risk: How to Build and Use Cyber Intelligence for Business Risk Decisions Rating: 0 out of 5 stars0 ratings
Security For You
CompTIA Security+ Study Guide: Exam SY0-601 Rating: 5 out of 5 stars5/5Make Your Smartphone 007 Smart Rating: 4 out of 5 stars4/5Cybersecurity For Dummies Rating: 5 out of 5 stars5/5The Hacker Crackdown: Law and Disorder on the Electronic Frontier Rating: 4 out of 5 stars4/5CompTIA Security+ Study Guide with over 500 Practice Test Questions: Exam SY0-701 Rating: 5 out of 5 stars5/5How to Become Anonymous, Secure and Free Online Rating: 5 out of 5 stars5/5IAPP CIPP / US Certified Information Privacy Professional Study Guide Rating: 0 out of 5 stars0 ratingsCybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity Rating: 5 out of 5 stars5/5Cybersecurity All-in-One For Dummies Rating: 0 out of 5 stars0 ratingsTor and the Dark Art of Anonymity Rating: 5 out of 5 stars5/5Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions Rating: 5 out of 5 stars5/5Dark Territory: The Secret History of Cyber War Rating: 4 out of 5 stars4/5How to Hack Like a GOD: Master the secrets of hacking through real-life hacking scenarios Rating: 4 out of 5 stars4/5Wireless Hacking 101 Rating: 5 out of 5 stars5/5CompTIA Network+ Review Guide: Exam N10-008 Rating: 0 out of 5 stars0 ratingsSocial Engineering: The Science of Human Hacking Rating: 3 out of 5 stars3/5The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers Rating: 4 out of 5 stars4/5CompTIA Network+ Practice Tests: Exam N10-008 Rating: 0 out of 5 stars0 ratingsHacking For Dummies Rating: 4 out of 5 stars4/5How to Hack Like a Pornstar Rating: 5 out of 5 stars5/5Remote/WebCam Notarization : Basic Understanding Rating: 3 out of 5 stars3/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5CompTia Security 701: Fundamentals of Security Rating: 0 out of 5 stars0 ratingsCISM Certified Information Security Manager Study Guide Rating: 4 out of 5 stars4/5CompTIA CySA+ Practice Tests: Exam CS0-003 Rating: 1 out of 5 stars1/5HackerTools Crack With Disassembling Rating: 2 out of 5 stars2/5Ultimate Guide for Being Anonymous: Hacking the Planet, #4 Rating: 5 out of 5 stars5/5
Related podcast episodes
Big breaches (and how to avoid them): with Neil Daswani 0% found this document usefulcybersecurity maturity model certification (CMMC) (noun) [Word Notes] 0% found this document usefulStudy Guide for SC-200: Microsoft Security Opertions Analyst 100% found this document usefulMITRE ATT&CK (noun) [Word Notes] 0% found this document usefulCybersecurity Trends and Practices 0% found this document usefulEpisode 116 Rae Baker, OSINT Analyst 0% found this document usefulCybersecurity and Hacking with Kevin Mitnick 0% found this document useful3 Must Have Skills To Land Your First Privacy Job 0% found this document usefulBreaking into the Cybersecurity Industry 0% found this document usefulStorytelling and Cybersecurity Awareness 0% found this document usefulCyber Resiliency with Sounil Yu 0% found this document useful#60 What is ISO 27017: Controls for Cloud Services 0% found this document usefulOSINT, Curiosity, Creativity, & Career Pivots: A Conversation with Rae Baker 0% found this document usefulSecurity Trends in 2023 and Beyond 0% found this document useful
Reviews for Operationalizing Information Security
Rating: 0 out of 5 stars
0 ratings
0 ratings0 reviews
Book preview
Operationalizing Information Security - Scott Gordon
Operationizing Information Security - Putting the Top 10 SIEM Best Practices To Work
Processes, Metrics and Technologies
By Scott Gordon
Copyright 2010 Scott Gordon
ISBN 978-0-615-43366-0
Smashwords Edition
~~~~
Introduction
"Ask any security practitioner about their holy grail and the answer is twofold: They want one alert specifying exactly what is broken, on just the relevant events, with the ability to learn the extent of the damage. They need to pare down billions of events into actionable information. Second, they want to make the auditor go away as quickly and painlessly as possible, which requires them to streamline both the preparation and presentation aspects of the audit process. SIEM and Log Management tools have emerged to address these needs and continue to generate a tremendous amount of interest in the market, given the compelling use cases for the technologies.
Michael Rothman, Security Industry Analyst and President of Securosis ¹
The use of Security Information and Event Management (SIEM ²) as part of an integrated security management program is an information security best practice. The SIEM market category, beyond basic event logging, has been around since circa 1990’s. Whether referring to security event management, security information management, log management systems or more modern combined industry solutions, SIEM user requirements and operational considerations have evolved. How can one ensure successful SIEM implementation and on-going improvement, while at the same time further optimize resources and accelerate return on investment?
This e-book provides guidance to operationalize information security and put the top 10 SIEM best practices to work. Rather than an exhaustive examination of SIEM, the purpose is to offer pertinent insights and details with regards to how IT organizations and information security professionals can gain more assured value from SIEM.
Whether seeking to streamline incident response, automate audit and compliance processes, better manage security and business risks, or build out your deployed SIEM - this e-book presents process, metrics and technology considerations relative to SIEM implementation and security operations.
Each of the ten chapters referenced in the Table of Contents below offers:
Overview and Highlight Processes: topic introduction, process considerations, exploring operational concerns, getting results, and avoiding common pitfalls
Recommended Metrics: the more popular SIEM dashboards, reports, alerting and related operational measurements to support security operations, incident response and compliance
Technology considerations: sources, controls and related SIEM functionality
Whether seeking to streamline incident response, automate audit and compliance processes, better manage security and business risks, or build out your deployed SIEM - this e-book presents process, metrics and technology considerations relative to SIEM implementation and security operations.
Table of Contents
Chapter 1 - What is a SIEM and What are the Top Ten SIEM Best Practices
Chapter 2 - SIEM Best Practice #1 – Monitoring and reporting requirements
Chapter 3 - SIEM Best Practice #2 – Deployment and infrastructure activation
Chapter 4 - SIEM Best Practice #3 – Compliance and audit data requirements
Chapter 5 - SIEM Best Practice #4 – Access controls
Chapter 6 - SIEM Best Practice #5 – Boundary defenses
Chapter 7 - SIEM Best Practice #6 – Network and system resource integrity
Chapter 8 - SIEM Best Practice #7 – Network and host defenses
Chapter 9 - SIEM Best Practice #8 – Malware control
Chapter 10 - SIEM Best Practice #9 – Application defenses
Chapter 11 - SIEM Best Practice #10 – Acceptable Use
Chapter 12 - Conclusion
Chapter 13 - Author, Acknowledgements, References, Use and Copyrights
Note 1 - Securosis, Understanding and Selecting SIEM and Log Management
August, 2010, www.securiosis.com
Note 2 - Within this document, log management functionality and reference will be subsumed by the term SIEM.
~~~~
Chapter 1:
What is a
Enjoying the preview?
Page 1 of 1