Saturday, November 26, 2016

8 Books Security Pros Should Read (well 10 really but who counts anymore)

Blatantly Stolen From Dark Reading

1.  Applied Cryptography - Lots of praise for this book.  I personally am not a fan of the author but as far as I know this is considered THE go-to.
2.  Threat Modeling: Designing for Security - Out of 27 reviews 3 are pretty negative.  I jumped around using the "Surprise Me" feature on Amazon.  I didn't see much that was that impressive.
3.  The Practice of Network Security Monitoring - I actually read this one and found it useful.
4.  Cyberwar - Another one I have read.  Interesting but not earthshaking.  I found it to be a little grandstandy but then again I think it was one of the first serious non-fiction books dealing with the subject.  Might be worth a read just for historical perspective.
5.  Cyberspies - I can't say I know anything about this one.
6.  Security Engineering: A Guide to Building Dependable Distributed Systems.
7.  The Web Application Security Hackers Handbook
8.  The Art of Software Security Assessment

To this I am going to add two of my own choices -

9.  The Grid - Critical infrastructure seems to be the rage at the moment.  This book is a good exploration of the grid and why it is both so vulnerable and so highly resilient.  It definitely has shortcomings but it is a good exploration.
10.  Lights Out - Lots of criticism for this one, in large part because Koppel wrote a cybersecurity / cyberwar book without talking to any cybersecurity experts.  I include it because it highlights public perceptions of issues.
