Security Related Topics

(maintained by Rob Slade)

"25 Steps to Safe Computing", Don Sellers

"Analysing for Authorship", Jill M. Farringdon

"Above the Clouds", Kevin T. McDonald

"Apache Security", Ivan Ristic

"Applied Software Project Management", Andrew Stellman/Jennifer Greene

"The Art of Deception", Kevin D. Mitnick/William L. Simon

"The Art of Intrusion", Kevin D. Mitnick/William L. Simon

"Application Security in the ISO27001 Environment", Vinod Vasudevan et al

"Advanced Software Testing, Volume 1", Rex Black

"The Art of Software Security Testing", Chris Wysopal et al

"Auditing Information Systems", Jack J. Champlain

"Backup and Recovery", W. Curtis Preston

"Beyond COSO", Steven J. Root

"Biometrics for Network Security", Paul Reid

"Biometrics", John D. Woodward/Nicholas M. Orlans/Peter T. Higgins

"Biometrics", Samir Nanavati/Michael Thieme/Raj Nanavati

"Black Hat", John Biggs

"The Black Swan", Nassim Nicholas Taleb

"Best Practices in Internet Commerce Security", Charles Cresson Wood

"Borders in Cyberspace", Brian Kahin/Charles Nesson

"Buffer Overflow Attacks", James C. Foster et al

"Beyond Sarbanes-Oxley Compliance", Anne M. Marchetti

"Confronting Catastrophe: A GIS Handbook", R. W. Greene

"CCTV for the Security Professional", Alan R. Matchett

"CD and DVD Forensics", Paul Crowley

"The CISA Prep Guide", John B. Kramer

"CISSP All-in-One Certification Exam Guide", Shon Harris

"CISSP (Exam Cram)", Mandy Andress

"CISSP Examination Textbooks", S. Rao Vallabhaneni

"The CISSP Study Guide", Ronald L. Krutz/Russell Dean Vines

"Cloud Security and Privacy", Tim Mather/Subra Kumaraswamy/Shahed Latif

"Computer Crisis 2000", W. Michael Fletcher

"Computer Forensics", Warren G. Kruse II/Jay G. Heiser

"Computer-Related Risks", Neumann

"Computer Security for the Home and Small Office", Thomas C. Greene

"Countdown Y2K", Peter de Jager/Richard Bergeon

"COSO Enterprise Risk Management", Robert R. Moeller

"Code Quality: The Open Source Perspective", Diomidis Spinellis

"Cyber-Safe Kids, Cyber-Savvy Teens", Nancy Willard

"Cyber Warfare and Cyber Terrorism", Lech J. Jacczewski/Andrew M. Colarik

"Cyber Forensics", Albert J. Marcella/Robert S. Greenfield

"Inside Cyber Warfare", Jeffrey Carr

"The Database Hacker's Handbook", David Litchfield/Chris Anley/John Heasman/Bill Grindlay

"Database Nation", Simson Garfinkel

"The dotCrime Manifesto", Phillip Hallam-Baker

"Developing Trust", Matt Curtin

"Don't Get Burned on eBay", Shauna Wright

"Digital Woes", Wiener

"Dark Market: CyberThieves, CyberCops, and You", Misha Glenny

"Disaster Recovery Planning", Jon Toigo

"Designing BSD Rootkits", Joseph Kong

"Developing Secure Distributed Systems with CORBA", Ulrich Lang/Rudolf Schreiner

"Degunking Your Email, Spam, and Viruses", Jeff Duntemann

"Enterprise Architecture Using the Zachman Framework", Carol O'Rourke/Neal Fishman/Warren Selkow

"E-Commerce Security", Anup K. Ghosh

"Enterprise Directory and Security Implementation Guide", Charles Carrington et all

"Effective Physical Security", Lawrence J. Fennelly

"Enterprise Information Security and Privacy", C. Warren Axelrod/Jennifer L. Bayuk

"ISO and ANSI Ergonomic Standards for Computer Products", Smith

"EW 101: A First Course in Electronic Warfare", David Adamy

"Exploiting Online Games", Greg Hoglund/Gary McGraw

"Exploiting Software", Greg Hoglund/Gary McGraw

"Fraud Auditing and Forensic Accounting", Tommie W. Singleton et al

"Fire Protection Systems", A. Maurice Jones Jr.

"Fire Suppression and Detection Systems", John L. Bryan

"Frauds, Spies, and Lies", Fred Cohen

"Fuzzing", Michael Sutton/Adam Greene/Pedram Amini

"Googling Security", Greg Conti

"Geekonomics: The Real Cost of Insecure Software", David Rice

"Hacking for Dummies", Kevin Beaver

"Hackers", Levy

"Hacker Attack", Richard Mansfield

"The Hacker Diaries", Dan Verton

"The History of Information Security", Karl de Leeuw/Jan Bergstra

"Hack Attacks Testing", John Chirillo

"The Hacker Crackdown", Sterling

"How to Break Web Software", Mike Andrews/James A. Whittaker

"Handbook of Computer Crime Investigation", Eoghan Casey

"Identity Theft Manual: Practical Tips, Legal Hints, and Other Secrets Revealed", Jack Nuern

"Identity Management: Concepts, Technologies, and Systems", Elisa Bertino/Kenji Takahashi

"Implementing ITIL", Randy A. Steinberg

"Incident Response", Kenneth R. van Wyk/Richard Forna

"Incident Response", Kevin Mandia/Chris Procise

"InfoSec Career Hacking", Aaron W. Bayles et al

"Introduction to Fire Protection", Robert Klinoff

"International IT Governance", Alan Calder/Steve Watkins

"Information Security Risk Analysis", Thomas R. Peltier

"Information Security Architecture", Jan Killmeyer

"Insider Threat", Eric Cole/Sandra Ring

"Incident Response", E. Eugene Schultz/Russell Shumway

"Information Security and Employee Behaviour", Angus McIlwraith

"Integrating Security and Software Engineering", Haralambos Mouratidis/Paolo Giorgini

"IT Ethics Handbook", Stephen Northcutt

"IT Governance", Alan Calder/Steve Watkins

"IT Security Project Management", Susan Snedaker

"Java Cryptography", Jonathan Knudsen

"Just Say No to Microsoft", Tony Bove

"Knowledge Power: Intellectual Property, Information and Privacy", Renee Marlin-Bennett

"Learning from the Octopus", Rafe Sagarin

"Liars and Outliers: Enabling the Trust that Society Needs to Thrive", Bruce Schneier

"Mafiaboy", Michael Calce/Craig Silverman

"Manager's Guide to Compliance", Anthony Tarantino

"Minoli-Cordovana's Authoritative Computer and Network Security Dictionary", Daniel Minoli/James Cordovana

"Mastering FreeBSD and OpenBSD Security", Yanek Korff/Paco Hope/Bruce Potter

"Managing the Human Factor in Information Security", David Lacey

"Multimedia Security", Chun-Shien Lu

"The Manager's Handbook for Corporate Security", Gerald L. Kovacich/Edward P. Halibozek

"Mission Critical Security Planner", Eric Greenberg

"Management of Library and Archive Security", Robert K. O'Neill

"The Myths of Security", John Viega

"The Mezonic Agenda", Herbert H. Thompson/Spyros Nomikos

"Underground", Suelette Dreyfus

"NetLaw: Your Rights in the Online World", Lance Rose

"The New Hacker's Dictionary", Raymond

"You Must Not Let Them Con You! There's Too Much at Stake", Shapiro

"Netiquette", Shea

"On Guard", Laura E. Quarantiello

"PCI Compliance", Tony Bradley et al

"Black Hat Physical Device Security", Drew Miller

"Phishing: Cutting the Identity Theft Line", Rachael Liniger/Russell Dean Vines

"PKI Security Solutions for the Enterprise", Kapil Raina

"Privacy on the Line", Whitfield Diffie/Susan Landau

"Personal Medical Information", Ross Anderson

"Penetration Tester's Open Source Toolkit", Johnny Long et al

"Repetitive Strain Injury", Pascarelli

"Rootkits", Greg Hoglund/James Butler

"Rootkits for Dummies", Larry Stevenson/Nancy Altholz

"Reversing", Eldad Eilam

"Security Assessment", Greg Miles et al

"Safeware: Systems Safety and Computers", Nancy Leveson

"Security Data Visualization", Greg Conti

"Secrets and Lies: Digital Security in a Networked World", Bruce Schneier

"Security Metrics", Andrew Jaquith

"Secure Programming with Static Analysis", Brian Chess/Jacob West

"Security Controls for Sarbanes-Oxley Section 404 IT Compliance", Dennis C. Brewer

"Secrets of a Super Hacker", Fiery

"Securing Java", Gary McGraw/Edward W. Felten

"Security Monitoring", Chris Fry/Martin Nystrom

"Security", Neil Cumming

"Security and Usability", Lorrie Faith Cranor/Simson Garfinkel

"Secure XML", Donald E. Eastlake/Kitty Niles

"Security, ID Systems and Locks", Joel Konicek/Karen Little

"Silence on the Wire", Michal Zalewski

"Sarbanes-Oxley IT Compliance Using COBIT and Open Source Tools", Christian B. Lahti/Roderick Peterson

"Sarbanes-Oxley for Dummies", Jill Gilbert Welytok

"Spam Kings", Brian McWilliams

"Surviving Cyberwar", Richard Stiennon

"Software Security Engineering", Julia H. Allen et al

"SSL and TLS: Theory and Practice", Rolf Oppliger

"Stopping Spam", Alan Schwartz/Simson Garfinkel

"Simple Tools and Techniques for Enterprise Risk Management", Robert J. Chapman

"Securing VoIP Networks", Peter Thermos/Ari Takanen

"Software Security: Building Security In", Gary McGraw

"The Software Vulnerability Guide", Herbert H. Thompson/Scott G. Chase

"Symbian OS Platform Security", Craig Heath

"Systems Reliability and Failure Prevention", Herbert Hecht

"Syslaw", Rose/Wallace

"The Art of Software Security Assessment", Mark Dowd/John McDonald/Justin Schuh

"Technology and Privacy: The New Landscape", Philip E. Agre/Marc Rotenberg

"The Total CISSP Exam Prep Book", Thomas R. Peltier/Patrick D. Howard

"Time Bomb 2000", Edward Yourdon/Jennifer Yourdon

"The New School of Information Security", Adam Shostack/Andrew Stewart

"The Transparent Society", David Brin

"The UNIX-Haters Handbook", Garfinkel/Weise/Strassmann

"WarDriving: Drive, Detect, Defend", Chris Hurley/Frank Thornton/Michael Puchol

"Web of Deception", Anne P. Mintz

"Writing Secure Code", Michael Howard/David LeBlanc

"World War 3: Information Warfare Basics", Fred Cohen

"XML Security", Blake Dournaee

"Year 2000 in a Nutshell", Norman Shakespeare

"The Year 2000 Software Problem", Capers Jones

"Zap!", Sellers

"Zero Day Threat", Byron Acohido/Jon Swartz

"RISKS-FORUM Digest", Peter G. Neumann

HyperText version Book Review Index (may take a while to load)

Book reviews main topic menu