Information Security

Defending the digital infrastructure



Buy the Book

These are our picks for the 10 must-have security titles you should always keep handy.

Firewalls and Internet Security: Repelling the Wily Hacker, Second Edition
By William R. Cheswick, Steven M. Bellovin, Aviel D. Rubin
Addison-Wesley Professional, 455 pages, $36.95
This perimeter security text is perfect for serious security professionals. The authors have mastered the art of applying the theoretical to actual working applications; the result is pragmatic advice from some of the finest minds in the field.

Hacking Exposed, Fifth Edition
By Stuart McClure, Joel Scambray, George Kurtz
McGraw-Hill, 692 pages, $49.99
The original edition ushered in a new era of computer security publishing, offering unabashed, technically detailed and fully documented instructions on how to subvert the security of a multitude of systems. Although some scoff at the series, perhaps they just hate to see some of their secrets published.

Applied Cryptography
By Bruce Schneier
Wiley, 784 pages, $54.99
Any book that the National Security Agency prefers to remain unpublished is bound to make great reading. Anyone doing serious work with cryptography needs a copy. With a comprehensive and excellent explanation of encryption of all kinds, this book is second to none.

Practical Cryptography
By Bruce Schneier, Niels Ferguson
Wiley, 432 pages, $50
Schneier's sequel to Applied Cryptography will help you apply your newfound cryptographic skills successfully and securely. Think of them as volumes one and two of the same book.

Practical Unix & Internet Security
By Simson Garfinkel, Gene Spafford, Alan Schwartz
O'Reilly, 986 pages, $54.95
The authors deliver an excellent introduction to a wide variety of computer and network security issues within UNIX.

Security Engineering
By Ross Anderson
Wiley, 595 pages, $70
This book details security design and implementation strategies employed in real-world systems. Although many publishers employ strategies attempting to inflate the page count (and price) of a book, this 600-page masterpiece could only result from the dedication of an extremely knowledgeable veteran of the field.

The Tao of Network Security Monitoring
By Richard Bejtlich
Addison-Wesley Professional, 832 pages, $54.99
"Tao" means "The Way," and that's what this book is: the way to evolve IDS operations. The network security monitoring philosophy is both obvious and completely revolutionary.

The Art of Computer Virus Research and Defense
By Peter Szor
Addison-Wesley Professional, 744 pages, $49.99
Szor's mastery of virus/antivirus technology is unparalleled, and this comprehensive tome is the definitive work on the subject. Although parts are inaccessible to all but experienced assembly language programmers, antivirus is such a critical technology that every professional should read this book, if only to understand the problem.

A Guide to Forensic Testimony
By Fred Chris Smith, Rebecca Gurley Bace
Addison-Wesley Professional, 560 pages, $54.99
As security pros, we stand a higher-than-average chance of being called into court to testify about the results of our investigations. The authors do a good job of explaining the challenges associated with information security cases and how to give the best testimony possible.

Spam Kings
By Brian McWilliams
O'Reilly, 256 pages, $22.95
This behind-the-scenes account of real-life spammers and spam fighters is a must-read for anyone trying to squelch junk e-mail. There's a freak show in here, but also a lot of good intelligence on the inner workings of the spam kings.


More information from

Read excerpts from these and other books at SearchSecurity's Information Security Bookshelf.

Article 12 of 18
