Modern Cyber Defense Books
Published in
2 min readMay 27, 2020
A few days ago I posted the following on Twitter:
(link to full thread that has perhaps grown since this time)
Below are the suggestions I got, with TWO clear winners (votes and likes data is very relative, manually counted, etc, etc — but the trend is there)
- “Building Secure and Reliable Systems: Best Practices for Designing, Implementing, and Maintaining Systems” [FREE link] by Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, Adam Stubblefield [27 votes]
- “Defensive Security Handbook: Best Practices for Securing Infrastructure” by Amanda Berlin and Lee Brotherston [26 votes]
- “The Practice of Network Security Monitoring: Understanding Incident Detection and Response” by Richard Bejtlich [17]
- “Securing DevOps: Security in the Cloud“ by Julien Vehent [7]
- “Applied Incident Response” by Steve Anson [7]
- “Threat Modeling: Designing for Security” by Adam Shostack [5]
- “Security Engineering” by Ross Anderson [5]
- “Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder” by Don Murdoch [4]
Other suggestions (some admittedly are quite peculiar, some clearly are not a fit to the question, etc; they are copied here for posterity)
- “Thinking Security: Stopping Next Year’s Hackers” by Steven M. Bellovin (2015)
- “The Psychology of Information Security” by Leron Zinatullin
- “Foundations of Security: What Every Programmer Needs to Know” by Christoph Kern, Anita Kesavan, Neil Daswani (2007)
- “Privileged Attack Vectors” by Morey J. Haber
- “Computer Security” by Dieter Gollmann (2011)
- ”Next Level Cybersecurity: Detect the Signals, Stop the Hack” by Sai Huda
- “Advanced Persistent Security: A Cyberwarfare Approach to Implementing Adaptive Enterprise Protection, Detection, and Reaction Strategies” by Ira Winkler
- “Incident Response & Computer Forensics” by Jason T. Luttgens, Matthew Pepe, Kevin Mandia (2014)
- ”Analogue Network Security” by Winn Schwartau
- “Secrets and Lies: Digital Security in a Networked World” by Bruce Schneier
- “Future Crimes: Inside the Digital Underground and the Battle for Our Connected World” by Marc Goodman
- “Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time” by Sami Saydjari
Finally, a few people suggested this book list (Security Book Canon), but the last winners there are from 2018…
All in all, enjoy!