10 MUST-READ BOOKS FOR INFOSEC PROS
We asked industry thought leaders to share their favorite books that
changed the way they think about information security...
1. THE PHOENIX PROJECT
BY GENE KIM, KEVIN BEHR AND GEORGE SPAFFORD
Don’t read The Phoenix Project for great literature, witty dialogue and
well-crafted characters. Instead, read this book for an easy yet informative
introduction to why well-run IT departments are gaining a
competitive edge.
–MARIBETH PUSIESKI (@MB_PDX)
2. OFFENSIVE COUNTERMEASURES: THE ART OF ACTIVE DEFENSE
BY JOHN STRAND AND PAUL ASADOORIAN
The book covers how to create “vexing” security approaches that
engage attackers in a time-wasting and misleading way. The focus is on . . .
techniques and countermeasures that mislead attackers, causing them to fail
and generally wasting their time, so you become an unprofitable target.
–DWAYNE MELANCON (@THATDWAYNE)
3. HACKING EXPOSED
BY STUART MCCLURE, JOEL SCAMBRAY AND GEORGE KURTZ
I first bought the 2nd edition of Hacking Exposed back in 2001, and it immediately
changed the way I was thinking about the systems for which I was then responsible.
Whilst much of the technology specifics in that edition will now seem quaintly retro,
it is both sobering and . . . disheartening to
see how some of the actual techniques are still in active use today.
–ANGUS MACRAE (@AMACSIA)
4. COUNTDOWN TO ZERO DAY
BY KIM ZETTER
Ever wonder what it would be like to have a power grid in your country shut down for a day, week, month, or even longer? Is your country prepared? This
book makes you think about the secretive world of cyberwarfare and
how one piece of malware forever changed world history.
-BEV ROBB (@TEKSQUISITE)
5. THE CHARISMA MYTH
BY OLIVIA FOX CABANE
This book takes more than a “win friends and influence people”
approach. It offers exercises and techniques that can transform even the most socially inept
InfoSec person into someone who can better connect with an
audience.
-BOB COVELLO (@BOBCOVELLO)
6. THE SOCIAL ENGINEER'S PLAYBOOK
BY JEREMIAH TALAMANTES
People need to understand they’re being manipulated by expert con men
(and women). The Social Engineer’s Playbook describes exactly how this
happens and why we fall for it. By educating ourselves to the tactics used
by social engineers, the better equipped we’ll be to hang up the
phone, say “no,” or laugh in their face when they come knocking.
-DAVID JAMIESON (@DHJAMIESON)
7. GRAY HAT HACKING
BY DANIEL REGALADO, SHON HARRIS, ALLEN HARPER, CHRIS EAGLE, JONATHAN NESS, BRANKO SPASOJEVIC, RYAN LINN AND STEPHEN SIMS
When I was developing courses for Fanshawe College, I selected the third
edition of this book as a textbook. It lent itself incredibly well to learning the
basics of and gaining a solid foundation in information security. Now in its fourth
edition, the book still stands out as an amazing point of entry into infosec and a
great refresher for pros.
-TYLER REGULY (@TREGULY)
8. EXTRUSION DETECTION: SECURITY MONITORING FOR INTERNAL INTRUSIONS
BY RICHARD BEJTLICH
We’ve seen a huge emphasis on preventing threats but not enough on detecting data as
it’s being stolen. This book gives you some serious food for thought on how this can be
applied to your network.
-MATT PASCUCCI (@MATTHEWPASCUCCI)
9. GHOST IN THE WIRES: MY ADVENTURES AS THE WORLD'S MOST WANTED HACKER
BY KEVIN MITNICK
Thought of as a tenet in cybersecurity, people are the first line of defense for any corporate
security program. This non-technical book is a must read for an intriguing perspective into securing
the human behind the keyboard.
-JAMES WRIGHT (@JAMES_M_WRIGHT)
10. ONE + ONE = THREE
BY DAVE TROTT
This book has helped me develop more as a CISO than any IT security book because they have helped me
communicate better, as well as think of alternative ways to address
problems. [It] really inspires you to look at things differently, see the silver lining, and often be far more creative...
-THOM LANGFORD (@THOMLANGFORD)
WHAT BOOK CHANGED THE WAY YOU THINK ABOUT SECURITY? TWEET US YOUR FAVORITE @TRIPWIREINC USING #INFOSECMUSTREAD
FOR THE LATEST INFORMATION SECURITY NEWS, TRENDS AND INSIGHTS, VISIT: TRIPWIRE.COM/BLOG