Solutions Review Finds the Best Books for Defending the Digital Perimeter. Whether you want to understand threats or better prep your defenses, you need to add these to your shelf.
Solutions Review frequently finds and shares essential cybersecurity titles that every InfoSec professional and IT security team should have on the shelf. Here’s one of our latest lists.
For this article, we wanted to share the highest-rated cybersecurity books related to the digital perimeter. Whether that stems from firewalls, antivirus, authentication, or threat hunting, the digital perimeter is a multifaceted and essential consideration. These books qualify by having at least a 4 Star Rating on Amazon based on customer reviews and by relating to the digital perimeter.
These books are intended for beginners and experts alike and are written by authors with proficiency and/or recognition in the field of cybersecurity.
Best Books for Defending the Digital Perimeter
Book Title: Solving Identity Management in Modern Applications: Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0
Our Take: Yvonne Wilson and Abhishek Hingnikar both have extensive experience in software development and identity management. Their expertise is evident throughout the text.
Description: This book takes you from account provisioning to authentication to authorization, and covers troubleshooting and common problems to avoid. The authors include predictions about why this will be even more important in the future. Application best practices with coding samples are provided. Solving Identity and Access Management in Modern Applications gives you what you need to design identity and access management for your applications and to describe it to stakeholders with confidence. You will be able to explain account creation, session and access management, account termination, and more.
Book Title: Password Authentication for Web and Mobile Apps: The Developer’s Guide To Building Secure User Authentication
Our Take: Dmitry Chestnykh has been writing software for over twenty years, and now consults on applied cryptography and software security.
“Authenticating users with passwords is a fundamental part of web and mobile security. It is also the part that’s easy to get wrong. This book is for developers who want to learn how to implement password authentication correctly and securely. It answers many questions that everyone has when writing their own authentication system or learning a framework that implements it.”
Book Title: Hacking Multifactor Authentication
Our Take: Roger Grimes is a Principal Security Architect at Microsoft, and works with Microsoft Windows, Linux, and BSD. He is also a prolific author and speaker.
“This book covers over two dozen ways that various MFA solutions can be hacked, including the methods (and defenses) common to all MFA solutions. You’ll learn about the various types of MFA solutions, their strengths and weaknesses, and how to pick the best, most defensible MFA solution for your (or your customers’) needs. Finally, this book reveals a simple method for quickly evaluating your existing MFA solutions. If using or developing a secure MFA solution is important to you, you need this book.”
Book Title: Practical Internet of Things Security
Our Take: Brian Russell is a Chief Engineer focused on Cyber Security Solutions for Leidos. Drew Van Duren is a senior cryptographic and cybersecurity engineer at Leidos.
Description: This book will take readers on a journey that begins with understanding the IoT and how it can be applied in various industries, goes on to describe the security challenges associated with the IoT, and then provides a set of guidelines to architect and deploy a secure IoT in your Enterprise. The book will showcase how the IoT is implemented in early-adopting industries and describe how lessons can be learned and shared across diverse industries to support a secure IoT.
Book Title: Practical IoT Hacking
Our Take: All of the authors contribute their considerable expertise in cybersecurity to this book, which helps you reconceptualize threats to the IoT.
Description: Written by all-star security experts, Practical IoT Hacking is a quick-start conceptual guide to testing and exploiting IoT systems and devices. Drawing from the real-life exploits of five highly regarded IoT security researchers, Practical IoT Hacking teaches you how to test IoT systems, devices, and protocols to mitigate risk. The book begins by walking you through common threats and a threat modeling framework. You’ll develop a security testing methodology, discover the art of passive reconnaissance, and assess security on all layers of an IoT system. Next, you’ll perform VLAN hopping, crack MQTT authentication, abuse UPnP, develop an mDNS poisoner, and craft WS-Discovery attacks.
Book Title: Cybersecurity Threats, Malware Trends, and Strategies: Learn to mitigate exploits, malware, phishing, and other social engineering attacks
Our Take: Tim Rains worked at Microsoft for the better part of two decades where he held a number of roles including Global Chief Security Advisor, Director of Security, Identity and Enterprise Mobility, and Director of Trustworthy Computing.
Description: Cybersecurity Threats, Malware Trends, and Strategies offers an unprecedented long-term view of the global threat landscape by examining the twenty-year trend in vulnerability disclosures and exploitation, nearly a decade of regional differences in malware infections, the socio-economic factors that underpin them, and how global malware has evolved. This will give you further perspectives into malware protection for your organization. It also examines internet-based threats that CISOs should be aware of.
Book Title: Advanced Penetration Testing: Hacking the World’s Most Secure Networks
Our Take: Wil Allsopp is an IT security expert with 20 years of experience, specializing in red team engagements, penetration testing, vulnerability assessment, and security audits.
Description: Advanced Penetration Testing: Hacking the World’s Most Secure Networks takes hacking far beyond Kali Linux and Metasploit to provide a more complex attack simulation. Featuring techniques not taught in any certification prep or covered by common defensive scanners, this book integrates social engineering, programming, and vulnerability exploits into a multidisciplinary approach for targeting and compromising high-security environments…this guide contains the crucial techniques that provide a more accurate picture of your system’s defense.
Book Title: Ransomware Revealed: A Beginner’s Guide to Protecting and Recovering from Ransomware Attacks
Our Take: Nihad A. Hassan is an independent information security consultant, digital forensics and cybersecurity expert, online blogger, and book author. He has been actively conducting research in different areas of information security for more than a decade.
Description: Despite the security controls set by organizations to protect their digital assets, ransomware is still dominating the world of security and will continue to do so in the future. Ransomware Revealed discusses the steps to follow if a ransomware infection occurs, such as how to pay the ransom through anonymous payment methods, perform a backup and restore your affected files, and search online to find a decryption tool to unlock (decrypt) your files for free. Mitigation steps are discussed in-depth for both endpoint devices and network systems.
Solutions Review participates in affiliate programs. We may make a small commission from products purchased through this resource.
- Best Books for Defending the Digital Perimeter - September 14, 2021