Top Five SIEM Books for Cybersecurity Professionals

Solutions Review compiles the 5 essential SIEM books professionals need to add to their reading lists.

SIEM represents a critical cybersecurity component for businesses. SIEM offers key capabilities in threat detection, log management, and compliance, all of which contribute to a well-rounded InfoSec platform. We’ve listed the top five SIEM books professionals should add to their reading lists. These books are intended for beginners and experts alike and are written by authors with proficiency and/or recognition in the field of cybersecurity.

Be sure to also consult our SIEM Buyer’s Guide for information on the top solution providers. It’s the perfect resource if you don’t want your organization to suffer from attacks hidden in your logs.

Note: Titles are listed in no particular order.

Top Five SIEM Books for Cybersecurity Professionals

Blue Team Handbook: SOC, SIEM, and Threat Hunting (V1.02): A Condensed Guide for the Security Operations Team and Threat Hunter

By Don Murdoch

“The book begins with a discussion for professionals to help them build a successful business case and a project plan, decide on SOC tier models, anticipate and answer tough questions you need to consider when proposing a SOC, and considerations in building a logging infrastructure. The book goes through numerous data sources that feed a SOC and SIEM and provides specific real world guidance on how to use those data sources to best possible effect. Most of the examples presented were implemented in one organization or another. These uses cases explain on what to monitor, how to use a SIEM and how to use the data coming into the platform.” 

Available here. 

Security Operations Center – SIEM Use Cases and Cyber Threat Intelligence

By Arun E Thomas

“Security analytics can be defined as the process of continuously monitoring and analyzing all the activities in your enterprise network to ensure the minimal number of occurrences of security breaches. Security Analyst is the individual that is qualified to perform the functions necessary to accomplish the security monitoring goals of the organization…This book is a complete practical guide to understanding, planning and building an effective Cyber Threat Intelligence program within an organization.”

Available here. 

The Practice of Network Security Monitoring: Understanding Incident Detection and Response

By Richard Bejtlich

“Network security is not simply about building impenetrable walls—determined attackers will eventually overcome traditional defenses. The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions…In The Practice of Network Security Monitoring, Mandiant CSO Richard Bejtlich shows you how to use NSM to add a robust layer of protection around your networks—no prior experience required.”

Available here. 

Security Information and Event Management (SIEM) Implementation (Network Pro Library)

By David R. Miller, Shon Harris, Allen Harper, Stephen VanDyke, and Chris Blask

“Effectively manage the security information and events produced by your network with help from this authoritative guide. Written by IT security experts, Security Information and Event Management (SIEM) Implementation shows you how to deploy SIEM technologies to monitor, identify, document, and respond to security threats and reduce false-positive alerts. The book explains how to implement SIEM products from different vendors, and discusses the strengths, weaknesses, and advanced tuning of these systems. You’ll also learn how to use SIEM capabilities for business intelligence.”

Available here. 

Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan

By Jeff Bollinger, Brandon Enright, and Matthew Valites 

“Any good attacker will tell you that expensive security monitoring and prevention tools aren’t enough to keep you secure. This practical book demonstrates a data-centric approach to distilling complex security monitoring, incident response, and threat analysis ideas into their most basic elements. You’ll learn how to develop your own threat intelligence and incident detection strategy, rather than depend on security tools alone. Written by members of Cisco’s Computer Security Incident Response Team, this book shows IT and information security professionals how to create an InfoSec playbook by developing strategy, technique, and architecture.” 

Available here. 

Thanks for checking out our list of top five SIEM books for cybersecurity professionals. Be sure to also check out our SIEM Buyer’s Guide.

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.

Latest posts by Ben Canner (see all)

Comments are closed.