  [Document]   Security Information and Event Management (SIEM) Implementation 12/01/2011 07:39:38 (+0700) | #1 | 229272
Ky0shir0
Member

Joined: 20/08/2008 19:06:44
Messages: 298
Security Information and Event Management (SIEM) Implementation
David Miller, Shon Harris, Allen Harper, and Stephen VanDyke
McGraw-Hill Osborne Media | 2010 | ISBN: 0071701095 | 464 pages | PDF | 7,7 MB

Implement a robust SIEM system

Effectively manage the security information and events produced by your network with help from this authoritative guide. Written by IT security experts, Security Information and Event Management (SIEM) Implementation shows you how to deploy SIEM technologies to monitor, identify, document, and respond to security threats and reduce false-positive alerts. The book explains how to implement SIEM products from different vendors, and discusses the strengths, weaknesses, and advanced tuning of these systems. You’ll also learn how to use SIEM capabilities for business intelligence. Real-world case studies are included in this comprehensive resource.
Assess your organization’s business models, threat models, and regulatory compliance requirements
Determine the necessary SIEM components for small- and medium-size businesses
Understand SIEM anatomy—source device, log collection, parsing/normalization of logs, rule engine, log storage, and event monitoring
Develop an effective incident response program
Use the inherent capabilities of your SIEM system for business intelligence
Develop filters and correlated event rules to reduce false-positive alerts
Implement AlienVault’s Open Source Security Information Management (OSSIM)
Deploy the Cisco Monitoring Analysis and Response System (MARS)
Configure and use the Q1 Labs QRadar SIEM system
Implement ArcSight Enterprise Security Management (ESM) v4.5
Develop your SIEM security analyst skills

http://uploading.com/files/ebcab6am/0071701095Security.rar/
http://depositfiles.com/files/6t17iaxgm
http://www.filesonic.com/file/54082919/0071701095Security.rar

Source: www.avaxhome.ws
  [Document]   Security Information and Event Management (SIEM) Implementation 12/01/2011 08:15:25 (+0700) | #2 | 229276
vikjava
Elite Member

Joined: 28/06/2004 02:32:38
Messages: 926
Location: NQN
Thanks a lot, Ky0shir0, I'm looking into this area right now :)
  [Document]   Security Information and Event Management (SIEM) Implementation 13/01/2011 08:56:44 (+0700) | #3 | 229355
lQ
Moderator

Joined: 29/03/2005 17:06:20
Messages: 494
Dr. Anton Chuvakin has a review of this book at http://chuvakin.blogspot.com/2011/01/book-review-security-information-and.html.

To avoid wasting time, I also advise, as Anton does, not reading the chapter Deploy the Cisco Monitoring Analysis and Response System (MARS). The reason is that the Cisco CSIRT folks don't use their own product (MARS) but use another vendor's instead.

vikjava / Ky0shir0, once you've finished reading, please write a review and rate this book (1-5 *).
  [Document]   Security Information and Event Management (SIEM) Implementation 13/01/2011 09:13:18 (+0700) | #4 | 229359
vikjava
Elite Member

Joined: 28/06/2004 02:32:38
Messages: 926
Location: NQN
Hehe, Dr. Anton Chuvakin is the author of the book PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance; I'm also looking for that book for reference.

@lQ: I'm reading it just to add to my knowledge; as for rating it, I'm not capable of that yet :)
  [Document]   Security Information and Event Management (SIEM) Implementation 13/01/2011 10:43:01 (+0700) | #5 | 229366
antiadmin
Member

Joined: 29/09/2008 17:48:32
Messages: 17
Adding this book as well for everyone's reference:

http://www.mediafire.com/?2odzzbm4dqy

If anyone has evaluated or deployed these solutions, please share your experience for everyone's reference.