Best Infosec Books
Just looking to pick up some good infosec books to read. Not looking for any specific cert-related books, just general books.
I find your lack of Cloud Security Disturbing!!!!!!!!!
Connect with me on LinkedIn https://www.linkedin.com/in/myerscraig
Comments
Is that book still relevant? I bought it like a decade ago, but never got around to reading it. And I've been shying away from it now because it seems like most of the info wouldn't be up to date anymore.
If it's got staying power though, I'll have to add it back to my reading list.
My former boss is very high on it and think it has been revised. It's my next on the bookshelf (after all the required stuff for school, as time allows), but given the fact that the majority of compromises are being done using decades-old vulns, I would say yeah.
Any of the 'Hacking Exposed' books are worth going through as well. They may seem a bit dated, but if you're reading the SANS diary on a daily basis you'll see there aren't really a lot of new or novel hacks coming our way. What you see is more and more DoS and "new tricks for old dogs" types of hacks and exploits. Basically everything old is new again in our world. Seen a new class of hack lately?
Reloaded is much the same and very much worthwhile for the same reasons above. It doesn't have to be cutting edge to be worth reading, just applicable.
- b/eads
2020: GCIP | GCIA
2021: GRID | GDSA | Pentest+
2022: GMON | GDAT
2023: GREM | GCWN | GSE
WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops
I read Ghost in the Wires when it came out a few years ago; it was great.
Just double checking: is this the book you are referring to? Wiley: Threat Modeling: Designing for Security - Adam Shostack
Yep. That's the baddie. I got turned on to it by reading the review in InfoSec Magazine while doing my bi-monthly quiz for the CISSP. Adam definitely has some excellent insights and some head slappers as well.
- b/eads
https://www.amazon.com/Measuring-Managing-Information-Risk-Approach/dp/0124202314
And, if you need a little non-fiction to break things up - Cryptonomicon and Reamde are great reads.
Why eBay United Kingdom when you are in Lexington? Yeah, the FAIR Risk model is pretty good... I actually was trained in it by Jack himself.