Best Infosec Books
Just looking to pick up some good info sec books to read not looking for any specific cert related books just general books
I find your lack of Cloud Security Disturbing!!!!!!!!!
Connect with me on LinkedIn https://www.linkedin.com/in/myerscraig
Connect with me on LinkedIn https://www.linkedin.com/in/myerscraig
Comments
-
jcundiff
Member Posts: 486 ■■■■□□□□□□
Counter Hack Reloaded"Hard Work Beats Talent When Talent Doesn't Work Hard" - Tim Notke -
aderon
CISSP, CCNA:S, CCNA:R&S, AWS:CSA Assoc, Sec+, Lin+, A+, Net+, Proj+ Member Posts: 404 ■■■■□□□□□□
Counter Hack Reloaded
Is that book still relevant? I bought it like a decade ago, but never got around to reading it. And I've been shying away from it now because it seems like most of the info wouldn't be up to date anymore.
If it's got staying power though, I'll have to add it back to my reading list.2019 Certification/Degree Goals: AWS CSA Renewal (In Progress), M.S. Cybersecurity (In Progress), CCNA R&S Renewal (Not Started) -
jcundiff
Member Posts: 486 ■■■■□□□□□□
Is that book still relevant? I bought it like a decade ago, but never got around to reading it. And I've been shying away from it now because it seems like most of the info wouldn't be up to date anymore.
If it's got staying power though, I'll have to add it back to my reading list.
My former boss is very high on it and think it has been revised, its my next on the book shelf ( after all the required stuff for school as time allows), but given the fact that the majority of compromises are being done using decades old vulns I would say yeah
"Hard Work Beats Talent When Talent Doesn't Work Hard" - Tim Notke -
beads
Senior Member Member Posts: 1,511 ■■■■■■■■■□
Finding Threat Modeling: Designing for Security to be quite helpful. Most items the author is bringing up about a quarter the way through are either things that I didn't know I was already doing (relief) or new ways of doing things that I could be doing more efficiently (helpful).
Any of the 'Hacking Exposed' books are worth going through as well. They may seem a bit dated but if your reading the SANS diary on a daily basis you'll see there aren't really a lot of new or novel hacks coming our way. What you see is more and more DoS and "new tricks for old dogs" types of hacks and exploits. Basically everything old is new again in our world. Seen a new class of hack lately?
Reloaded is much the same and very much worthwhile for the same reasons above. It doesn't have to be cutting edge to worth reading, just applicable.
- b/eads -
iBrokeIT
GICSP, GCIP, GXPN, GPEN, GWAPT, GCFE, GCIA, GCIH, GSEC, CySA+, Sec+, eJPT Member Posts: 1,303 ■■■■■■■■■□
For social engineering, the Kevin Mitnick books like Ghost in Wires and The Art of Deception are really good...2019: GPEN | GCFE | GXPN | GICSP | CySA+
2020: GCIP | GCIA | eCPPT | eWPT | eCTHP
WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security -
Clm
CISSP | CCSP | CCSK | AWS x 4 | ITIL | PCEP Member Posts: 444 ■■■■□□□□□□
For social engineering, the Kevin Mitnick books like Ghost in Wires and The Art of Deception are really good...
I read ghost in the wire when it came out a few years ago it was greatI find your lack of Cloud Security Disturbing!!!!!!!!!
Connect with me on LinkedIn https://www.linkedin.com/in/myerscraig -
Clm
CISSP | CCSP | CCSK | AWS x 4 | ITIL | PCEP Member Posts: 444 ■■■■□□□□□□
Finding Threat Modeling: Designing for Security to be quite helpful. Most items the author is bringing up about a quarter the way through are either things that I didn't know I was already doing (relief) or new ways of doing things that I could be doing more efficiently (helpful).
Any of the 'Hacking Exposed' books are worth going through as well. They may seem a bit dated but if your reading the SANS diary on a daily basis you'll see there aren't really a lot of new or novel hacks coming our way. What you see is more and more DoS and "new tricks for old dogs" types of hacks and exploits. Basically everything old is new again in our world. Seen a new class of hack lately?
Reloaded is much the same and very much worthwhile for the same reasons above. It doesn't have to be cutting edge to worth reading, just applicable.
- b/eads
Just double checking Is this the book you are referring to? / Wiley: Threat Modeling: Designing for Security - Adam ShostackI find your lack of Cloud Security Disturbing!!!!!!!!!
Connect with me on LinkedIn https://www.linkedin.com/in/myerscraig -
wes allen
Member Posts: 540 ■■■■■□□□□□
This is a great book on risk:
https://www.amazon.com/Measuring-Managing-Information-Risk-Approach/dp/0124202314
And, if you need a little non fiction to break things up - cryptonomicon and reamde are great reads. -
jcundiff
Member Posts: 486 ■■■■□□□□□□
This is a great book on risk:
https://www.amazon.com/Measuring-Managing-Information-Risk-Approach/dp/0124202314
And, if you need a little non fiction to break things up - cryptonomicon and reamde are great reads.
Why ebay united Kingdom when you are in Lexington? Yeah the FAIR Risk model is pretty good... I actually was trained in it by Jack himself "Hard Work Beats Talent When Talent Doesn't Work Hard" - Tim Notke
