Sometimes, the key to technological advancement is decidedly old-school.
Endpoint security is an essential component of any enterprise’s security kit, but making sure your team understands your solution is another conversation. Additionally, as endpoint security begins the transition from a preventative paradigm to a detection paradigm, your IT security team needs to understand how to manage new capabilities and priorities.
There are loads of free resources available online (such as Solutions Review’s best practices articles, solutions directories, and buyer’s guides), and those resources are great. Sometimes, though, it’s best to do things the old-fashioned way… few resources can match the in-depth, comprehensive detail of a good endpoint security book.
We compiled a short list of the top introductory endpoint security books. We tried to keep our selection of endpoint security books to within the past 5 years and to keep it balanced between traditional endpoint protection and security detection.
The Endpoint Security Paradox: Realising Implementation Success
By Andrew Avanessian
Andrew Avanessian shares his vast experience in endpoint security in this recent title.
Andrew will discuss the polarised opposites of security and usability, exploring the limitations of typical tools and technologies used to combat today’s advanced threats. He will provide clear recommendations, tips for implementation success and advice on vendor selection, creating a guide to adopting a proactive security approach that is proven to work in the real world.
You can purchase Andrew Avanessian’s The Endpoint Security Paradox here.
The Hacker Playbook: Practical Guide To Penetration Testing
by Peter Kim
The first of Peter Kim’s series of endpoint security books.
Written by a longtime security professional and CEO of Secure Planet, LLC, this step-by-step guide to the “game” of penetration hacking features hands-on examples and helpful advice from the top of the field. Through a series of football-style “plays,” this straightforward guide gets to the root of many of the roadblocks people may face while penetration testing—including attacking different types of networks, pivoting through security controls, and evading antivirus software.
You can purchase Peter Kim’s The Hacker Playbook: Practical Guide to Penetration Testing here.
The Hacker Playbook 2: Practical Guide To Penetration Testing
by Peter Kim
The second of Peter Kim’s series of endpoint security books.
This second version of The Hacker Playbook takes all the best “plays” from the original book and incorporates the latest attacks, tools, and lessons learned. Double the content compared to its predecessor, this guide further outlines building a lab, walks through test cases for attacks, and provides more customized code.
You can purchase Peter Kim’s The Hacker Playbook 2: Practical Guide to Penetration Testing here.
The Hacker Playbook 3: Practical Guide To Penetration Testing
by Peter Kim
The third of Peter Kim’s series of endpoint security books, and one only released a few months ago.
The main purpose of this book is to answer questions as to why things are still broken. For instance, with all the different security products, secure code reviews, defense in depth, and penetration testing requirements, how are we still seeing massive security breaches happening to major corporations and governments? The real question we need to ask ourselves is, are all the safeguards we are putting in place working?
You can purchase Peter Kim’s The Hacker Playbook 3: Practical Guide to Penetration Testing here.
Hacking Exposed 7: Network Security Secrets and Solutions (7th Edition)
By Stuart McClure, Joel Scambray, and George Kurtz
Bolster your system’s security and defeat the tools and tactics of cyber-criminals with expert advice and defense strategies from the world-renowned Hacking Exposed team. Case studies expose the hacker’s latest devious methods and illustrate field-tested remedies.
You can purchase Hacking Exposed 7: Network Security Secrets and Solutions here.
The Practice of Network Security Monitoring: Understanding Incident Detection and Response
By Richard Bejtlich
One of the classic texts on Incident Detection and Response.
In The Practice of Network Security Monitoring, Mandiant CSO Richard Bejtlich shows you how to use NSM to add a robust layer of protection around your networks—no prior experience required. To help you avoid costly and inflexible solutions, he teaches you how to deploy, build, and run an NSM operation using open source software and vendor-neutral tools.
You can purchase Richard Bejtlich’s The Practice of Network Security Monitoring: Understanding Incident Detection and Response here.
The Tao of Network Security Monitoring: Beyond Intrusion Detection
By Richard Bejtlich
One of the most frequently cited endpoint security books so far.
Richard Bejtlich explores the products, people, and processes that implement the NSM model. By focusing on case studies and the application of open source tools, he helps you gain hands-on knowledge of how to better defend networks and how to mitigate damage from security incidents.
You can purchase Richard Bejtlich’s The Tao of Network Security Monitoring: Beyond Intrusion Detection here.
Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder
By Don Murdoch GSE
A must-read for security teams of any size.
The BTHb includes essential information in a condensed handbook format. Main topics include the incident response process, how attackers work, common tools for incident response, a methodology for network analysis, common indicators of compromise, Windows and Linux analysis processes, tcpdump usage examples, Snort IDS usage, packet headers, and numerous other quick reference topics.
You can purchase Don Murdoch’s Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder here.
Intrusion Detection Networks: A Key to Collaborative Security
By Carol Fung and Raouf Boutaba
Providing a complete introduction to IDSs and IDNs, this book explains the benefits of building IDNs, identifies the challenges underlying their design, and outlines possible solutions to these problems. It also reviews the full range of proposed IDN solutions, analyzing their scope, topology, strengths, weaknesses, and limitations.
You can purchase Carol Fung’s and Raouf Boutaba’s Intrusion Detection Networks: A Key to Collaborative Security here.
The Four Pillars of Endpoint Security: Safeguarding Your Network in the Age of Cloud Computing and the Bring-Your-Own-Device Trend
By Dan Griffin
Security is an advantage: the Bring-Your-Own-Device (BYOD) trend in enterprise IT has caused users to expect anywhere/anytime access to sensitive data, from any mobile device. But IT managers are nervous about serving sensitive corporate data to devices that lack sophisticated security controls. By applying the Four Pillars of Endpoint Security, businesses can stay competitive and operate without interruption, which leads to higher productivity and business velocity.
You can purchase Dan Griffin’s The Four Pillars of Endpoint Security: Safeguarding Your Network in the Age of Cloud Computing and the Bring-Your-Own-Device Trend here.
Latest posts by Ben Canner