Buy the Book

This article can also be found in the Premium Editorial Download: Information Security magazine: Exclusive: Security salary and careers guide:

These are our picks for the 10 must-have security titles you should always keep handy.

Firewalls and Internet Security: Repelling the Wily Hacker, Second Edition
By William R. Cheswick, Steven M. Bellovin, Aviel D. Rubin
Addison-Wesley Professional, 455 pages, $36.95
This perimeter security text is perfect for serious security professionals. The authors have mastered the art of applying the theoretical to actual working applications; the result is pragmatic advice from some of the finest minds in the field.

Hacking Exposed, Fifth Edition
By Stuart McClure, Joel Scambray, George Kurtz
McGraw-Hill, 692 pages, $49.99
The original edition ushered in a new era of computer security publishing, offering unabashed, technically detailed and fully documented instructions on how to subvert the security of a multitude of systems. Although some scoff at the series, perhaps they just hate to see some of their secrets published.

Applied Cryptography
By Bruce Schneier
Wiley, 784 pages, $54.99
Any book that the National Security Agency prefers to remain unpublished is bound to make great reading. Anyone doing serious work with cryptography needs a copy. With a comprehensive and excellent explanation of encryption of all kinds, this book is second to none.

Practical Cryptography
By Bruce Schneier, Niels Ferguson
Wiley, 432 pages, $50
Schneier's sequel to Applied Cryptography will help you apply your newfound cryptographic skills successfully and securely. Think of them as volumes one and two of the same book.

Practical Unix & Internet Security
By Simson Garfinkel, Gene Spafford, Alan Schwartz
O'Reilly, 986 pages, $54.95
The authors deliver an excellent introduction to a wide variety of computer and network security issues within UNIX.

Security Engineering
By Ross Anderson
Wiley, 595 pages, $70
This book details security design and implementation strategies employed in real-world systems. Although many publishers employ strategies attempting to inflate the page count (and price) of a book, this 600-page masterpiece could only result from the dedication of an extremely knowledgeable veteran of the field.

The Tao of Network Security Monitoring
By Richard Bejtlich
Addison-Wesley Professional, 832 pages, $54.99
"Tao" means "The Way," and that's what this book is: the way to evolve IDS operations. The network security monitoring philosophy is both obvious and completely revolutionary.

The Art of Computer Virus Research and Defense
By Peter Szor
Addison-Wesley Professional, 744 pages, $49.99
Szor's mastery of virus/antivirus technology is unparalleled, and this comprehensive tome is the definitive work on the subject. Although parts are inaccessible to all but experienced assembly language programmers, antivirus is such a critical technology that every professional should read this book, if only to understand the problem.

A Guide to Forensic Testimony
By Fred Chris Smith, Rebecca Gurley Bace
Addison-Wesley Professional, 560 pages, $54.99
As security pros, we stand a higher-than-average chance of being called into court to testify about the results of our investigations. The authors do a good job of explaining the challenges associated with information security cases and how to give the best testimony possible.

Spam Kings
By Brian McWilliams
O'Reilly, 256 pages, $22.95
This behind-the-scenes account of real-life spammers and spam fighters is a must-read for anyone trying to squelch junk e-mail. There's a freak show in here, but also a lot of good intelligence on the inner workings of the spam kings.

@exb

More information from SearchSecurity.com

Read excerpts from these and other books at SearchSecurity's Information Security Bookshelf.
@exe

This was first published in July 2006

Dig deeper on Information Security Jobs and Training

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close