There is a new #CyberSecurity #HumbleBundle, well the same as last year but that is OK!
https://www.humblebundle.com/books/cybersecurity-and-forensics-pearson-books
I will try to mention the books I love from this bundle, and depending on your interests you can decide if you want to spend the EUR 22 to get it
First off, the Network Security 3rd ed, by Radia Perlman et al is a GREAT comprehensive book about cryptography and security as it relates to real world networks. First ed was from 1995, and this was updated in 2023. #oldskool and cool!
Next one is the Cybersecurity Myths and Misconceptions by Eugene H Spafford, Leigh Metcalf and Josiah Dykstra
which is kind of an odd book, interesting, and with the collected knowledge of the foundation we stand upon, this book is highly recommended. I ask that you click through and read the first 4 pages from the preview chapter! Do it now!
It treats a lot of advice that has previously been preached and lays down the truth.
example:
More Security Is Always Better, is NOT the truth
A bundle of books related to Microsoft products, and while I don't use them, it is nice to know a bit about:
Microsoft Defender for Cloud, Microsoft Azure Network Security and Microsoft Sentinel - a lot of Danish companies use these products.
As well as a book about Developing Secure Azure Solutions by Michael Howard, known for software security books. Don't know which was his first, but Writing Secure Code from 2002 is legendary, as is the 19 Deadly Sins of Sw Security later expanded to 24
Another author that has been around for decades is William Stallings, authoring many security books.
I haven't read the included Information Privacy Engineering and Privacy by Design, but I probably should ...
The table of contents certainly looks interesting with a lot of governance
The other book of his, Effective Cybersecurity, seems to dig even deeper into interesting generic subjects that anyone working with security needs to understand
Great if you want to take CISSP or other certifications
and speaking of certs, there is a nice entry cert called CompTIA Security+
https://www.comptia.org/certifications/security
and in this bundle there is an 828 page PDF, cert guide for Security+
PLUS (pun intended) there is a short book about Building a Career in Cybersecurity.
I think it could be longer, but the content is nice. Like the list of Cybersecurity Roles and Responsibilities. You know the step after "I want to work in cybersecurity", and people ask, do you want to work in a NOC, SOC, DevSecOps, IR, ...
BTW IR is Incident Response in this context, and there is a Practical Guide to Digital Forensics Investigations included.
And since EVERY organisation is bound to experience security "events" on a smaller or larger scale, it is great to know about handling the data, tools and processes related to this.
This is also a 2nd edition, which I have a soft spot for. This means the first edition was popular enough that they made an updated version, typically with fewer errors etc.
Speaking of handling incidents, I am a fan of the Modern Security Operations Center (SOC) book by Joseph Muniz.
It is not a 2nd ed, but it does update his Cisco Press SOC book, some shared content but updated.
I have used this book in a SIEM course and for anyone establishing SOC, SIEM or IR capabilities in an organisation this book will provide clear and precise guidance in the whole people, process and technology. Even a detailed example of how to position monitors for a Video Wall
The rest of the books you will have to judge for yourself, if they look interesting enough and/or match your interests
I hope you enjoyed this and I will run into a meeting soon, but please do ask me about careers in cyber security, I have been teaching diploma in information security for the last 6 years, and will be happy to share knowledge