Cybersecurity Reading List
cshkuru
Member Posts: 246 ■■■■□□□□□□
Over the past couple years I have compiled a list of cybersecurity related books based on various professional reading lists as well as the defcon list and put them in a spreadsheet. Just updated it today with 17 new entries of my own: https://docs.google.com/spreadsheets/d/12z7_8fUwSejPVd6bIosD405mhpLLM_DnTdcIiiKWpqw/edit?usp=sharing
I had to put my own column for new stuff in because it seems like once these lists get published no one maintains them.
On a related note I would like to get some Non-American lists represented so if you know of any similar professional reading lists published by British, Canadian, Australian, New Zealand agencies please point me too them. I know it's English-centric but that's the language I speak.
I had to put my own column for new stuff in because it seems like once these lists get published no one maintains them.
On a related note I would like to get some Non-American lists represented so if you know of any similar professional reading lists published by British, Canadian, Australian, New Zealand agencies please point me too them. I know it's English-centric but that's the language I speak.
Comments
-
deep_logic Member Posts: 26 ■■■□□□□□□□Wow! Much appreciated @cshkuru. The list is pretty wide as far as technical stuff - but I like that. Valuable resource, bro. BTW, I loved the "Stealing the Network" book. I didn't realize there were several versions of it now.
-
roninkai Member Posts: 307 ■■■■□□□□□□Nice list, thank you! I keep adding/purchasing books that never get read. What I need is a reading plan (outside of certifications)....and a commitment to stop buying books lol.浪人 MSISA:WGU
ICP-FDO ▪ CISSP ▪ ECES ▪ CHFI ▪ CNDA ▪ CEH ▪ MCSA/MCITP ▪ MCTS ▪ S+
2020 Level Up Goals: (1) DevSecOps Learning Path (2) OSCP -
nevermore Member Posts: 39 ■■■□□□□□□□I have been buying a bunch of books on a variety of Infosec topics. Looking to spend more time reading once I am done with my MS degree.
Obtained:- CISSP/ISSAP/ISSMP, CISM, GISP, CEH
- M.S. Information Security and Assurance Norwich University
- B.S. Cybersecurity UMUC
In Queue: PMP, CCSP, CRISC -
tedjames Member Posts: 1,182 ■■■■■■■■□□dragonsden said:Nice list, thank you! I keep adding/purchasing books that never get read. What I need is a reading plan (outside of certifications)....and a commitment to stop buying books lol.
I put everything I want to read/learn into a spreadsheet and prioritized them. It's really hard sticking to a schedule when you want to do everything, but it's necessary. I have disciplined myself into taking one course at a time. As for reading, if it's general reading and not a tech/training guide, just budget yourself to 20-30 minutes per day.
A class I'm taking on Udemy has 92 sections. I'm trying to complete at least 1 section per weekday and 2-3 per day on Saturday and Sunday. I hope to finish sometime in February so I can move on to the next one.
Budgeting your time works. -
roninkai Member Posts: 307 ■■■■□□□□□□Yes, our problem was once too little information. Now it's the complete opposite. The tricky thing is with the abundance of courses, videos, and books, is "who do I give my time and attention to and trust?".浪人 MSISA:WGU
ICP-FDO ▪ CISSP ▪ ECES ▪ CHFI ▪ CNDA ▪ CEH ▪ MCSA/MCITP ▪ MCTS ▪ S+
2020 Level Up Goals: (1) DevSecOps Learning Path (2) OSCP -
baghdaddy19 Member Posts: 51 ■■■□□□□□□□dragonsden said:Nice list, thank you! I keep adding/purchasing books that never get read. What I need is a reading plan (outside of certifications)....and a commitment to stop buying books lol.
Lol same with me. Its really about finding the time. Working full time, studying for certs, trying to stay healthy, family time, getting a good nights sleep, etc. Not much time left in the day.
2020 Certification Goals
CompTIA: A+, Net+, Sec+, Cloud Essentials, and Project +
LPI: Linux Essentials
AXELOS: ITIL v3
SANS GAIC: GSEC, GCIH, and GCED -
roninkai Member Posts: 307 ■■■■□□□□□□I try to get my shorter reads on Audible and listen at 2x, however I have a 15-min commute which doesn't exactly chip away at a 6 - 11 hour audiobook very fast.浪人 MSISA:WGU
ICP-FDO ▪ CISSP ▪ ECES ▪ CHFI ▪ CNDA ▪ CEH ▪ MCSA/MCITP ▪ MCTS ▪ S+
2020 Level Up Goals: (1) DevSecOps Learning Path (2) OSCP -
cshkuru Member Posts: 246 ■■■■□□□□□□Hey all,I have been updating the list ( https://docs.google.com/spreadsheets/d/12z7_8fUwSejPVd6bIosD405mhpLLM_DnTdcIiiKWpqw/edit#gid=2079030996 ) a few times since my last post. I know Dragos was in the last iteration, but I have added lists from Threatgen and Idaho National Labs, both Industrial Control System focused, and from Tara at Blackroom Security as well as the Royal Canadian Communication and Electronics Association. Still looking for other (English language) sources.
-
chrisone Member Posts: 2,278 ■■■■■■■■■□Very cool list! Thanks for sharing. So much to read so little time!Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
cshkuru Member Posts: 246 ■■■■□□□□□□Updated again. Added a list from a Yale Law Seminar on Cybersecurity
https://docs.google.com/spreadsheets/d/12z7_8fUwSejPVd6bIosD405mhpLLM_DnTdcIiiKWpqw/edit#gid=2079030996 -
yoba222 Member Posts: 1,237 ■■■■■■■■□□Doesn't look like it's been shared, Palo Alto has had a beautiful book list for a number of years now:
https://cybercanon.paloaltonetworks.com/
A+, Network+, CCNA, LFCS,
Security+, eJPT, CySA+, PenTest+,
Cisco CyberOps, GCIH, VHL,
In progress: OSCP -
cshkuru Member Posts: 246 ■■■■□□□□□□yeah thats one of the lists i incorporate into my list its like the 4th from the last column and has it's own tab
-
cshkuru Member Posts: 246 ■■■■□□□□□□Kind of related to the book list effort -
A while back my department at work had a big influx of people with little to no security / IT background. I put this together to help get them up to speed. My hope was that after demonstrating proficiency in each of the areas somehow (it was intended that this be like a 2 year process) the CyberSecurity Director and CIO would sign a nice little certificate for the person. Never got any response to the suggestion from anyone in the management chain. I'm moving on now so I thought I would share it again.
Security Engineering Training Plan
https://docs.google.com/spreadsheets/d/1CKVVwMUTxYaFvwoaOgVoOJFr5GkV8-Fb_qbxtOqLjyQ/edit#gid=0
-
cshkuru Member Posts: 246 ■■■■□□□□□□I recently updated the reading list. I incorporated the class readings from the UT Law School Cybersecurity Class and the (ICS)2 bibliography. https://docs.google.com/spreadsheets/d/12z7_8fUwSejPVd6bIosD405mhpLLM_DnTdcIiiKWpqw/edit#gid=2079030996 I also did some format cleanup. That is ongoing
-
tedjames Member Posts: 1,182 ■■■■■■■■□□I recommend these two new books:I'm quoted in the second one.
-
cshkuru Member Posts: 246 ■■■■□□□□□□Another (minor) update - removed a couple duplicate entries, cleaned up some links, added some categories to make searching easier and I think I added like 3 books but that may have been earlier. i lose track. https://docs.google.com/spreadsheets/d/12z7_8fUwSejPVd6bIosD405mhpLLM_DnTdcIiiKWpqw/edit#gid=2079030996
-
cshkuru Member Posts: 246 ■■■■□□□□□□Updated the reading list again added a revisions page, added the most recent executive order on cybersecurity, added infosec magazine reading list, added SANS SecOP reading list, added list from The Hacker Playbook, updated list from The Cybersecurity Canon, added list from The Darknet Diaries, added SANS Security Leadership Reading List removed the color coding and added a score based on the number of list an item appears in. https://docs.google.com/spreadsheets/d/12z7_8fUwSejPVd6bIosD405mhpLLM_DnTdcIiiKWpqw/edit#gid=2079030996