Being able to understand and change reality through our knowledge and skill is literal magic. We’re building systems with so many exciting and unexpected properties that can be exploited and repurposed for both good and evil. I want to keep some of that magic and help people engineer – build great systems that make people’s lives better. I’ve been securing (and breaking) systems, from operating rooms to spaceships, from banks to self-driving cars for over 25 years. The biggest lesson I’ve learned is that if security is not infused from the start, we’re forced to rely on what ought to be our last lines of defense. This list helps you infuse security into your systems.
How to anticipate and address software threats before you’ve written a line of code. The proven tools in this book can be applied by anyone. They give you a structured and systematic approach that are be applied at any scale – from a website built with CI/CD to complex waterfall projects like spacecraft.
This book captures years of experience in a simple, accessible, and practical way.
This book captures lessons from many authors at Google, some of whom I’ve worked with over the years. The chapters on availability (7, 8, 9) were a revelation to me. I had no idea how Google approaches the topic of resilience and recovery in their systems, and I now think of the whole topic very differently. The biggest takeaway is how to think about the design of systems.
Can a system be considered truly reliable if it isn't fundamentally secure? Or can it be considered secure if it's unreliable? Security is crucial to the design and operation of scalable systems in production, as it plays an important part in product quality, performance, and availability. In this book, experts from Google share best practices to help your organization design scalable and reliable systems that are fundamentally secure.
Two previous O'Reilly books from Google-Site Reliability Engineering and The Site Reliability Workbook-demonstrated how and why a commitment to the entire service lifecycle enables organizations to successfully build, deploy, monitor, and maintain…
When I worked in application security at Microsoft, we still had products that shipped every few years. I learned to scale application security in that world, but many people live in a different world now. AAS helped me understand which of our approaches translated well, which had to be transformed, and which needed to be discarded or replaced. I regularly refer back to it, even a few years later.
Agile continues to be the most adopted software development methodology among organizations worldwide, but it generally hasn't integrated well with traditional security management techniques. And most security professionals aren't up to speed in their understanding and experience of agile development. To help bridge the divide between these two worlds, this practical guide introduces several security tools and techniques adapted specifically to integrate with agile development.
Written by security experts and agile veterans, this book begins by introducing security principles to agile practitioners, and agile principles to security practitioners. The authors also reveal problems they encountered in their own experiences with…
Loren’s been contributing to security for over 40 years, and this book captures his hard-won wisdom in a way that’s both humble and accessible. It scales from principles and design approaches to in-depth explanations of exactly how things go wrong and how to avoid those problems. (Also, I was honored to write the foreword.)
Designing Secure Software consolidates Loren Kohnfelder's more than twenty years of experience into a concise, elegant guide to improving the security of technology products. Written for a wide range of software professionals, it emphasizes building security into software design early and involving the entire team in the process. The book begins with a discussion of core concepts. The second part, perhaps this book's most important contribution, covers the process of designing and reviewing a software design with security considerations in mind. The final section details the most common coding flaws that create vulnerabilities, making copious use of code snippets written…
As we move to a world in which security is everyone’s job, we have to understand that’s a change in what we expect of people, and change is hard. This book is short and actionable and will help security pros understand the changes that need to happen. Unlike a lot of business books, it’s not full of platitudes or repetition. Even when we’re not actively leading change, understanding the challenges leaders face enables us to plan and participate better to achieve our goals.
The international bestseller--now with a new preface by author John Kotter. Millions worldwide have read and embraced John Kotter's ideas on change management and leadership. From the ill-fated dot-com bubble to unprecedented M&A activity to scandal, greed, and ultimately, recession--we've learned that widespread and difficult change is no longer the exception. It's the rule. Now with a new preface, this refreshed edition of the global bestseller Leading Change is more relevant than ever. John Kotter's now-legendary eight-step process for managing change with positive results has become the foundation for leaders and organizations across the globe. By outlining the process every…
Boeing used to be a paragon of how engineering-driven companies could deliver amazing products and amazing profits. This book chronicles how that changed, and how Boeing lost its guiding principles. It shows how prioritizing the stock price over the business or the people who flew in its planes led to decisions that literally killed hundreds of people. Engineering concerns were regularly set aside for schedule or cost reasons. Most of us don’t work on products whose failures cause hundreds of deaths, but there’s an important lesson about being proud of the work you do and the products you deliver, and how that can make for a great business.
NEW YORK TIMES BUSINESS BESTSELLER • A suspenseful behind-the-scenes look at the dysfunction that contributed to one of the worst tragedies in modern aviation: the 2018 and 2019 crashes of the Boeing 737 MAX.
An "authoritative, gripping and finely detailed narrative that charts the decline of one of the great American companies" (New York Times Book Review), from the award-winning reporter for Bloomberg.
Boeing is a century-old titan of industry. It played a major role in the early days of commercial flight, World War II bombing missions, and moon landings. The planemaker remains a cornerstone of the U.S. economy, as…
Coming from the perspective of a neurosurgeon, I have witnessed many successes and failures over more than four decades. I recognized decades ago that communication with patients at a level that involves emotions is a necessary part of being a complete physician. This involves being empathetic and, henceforth, digging deep to find the strength to be transparent, vulnerable, compassionate, understanding, and, when needed, forceful (some would call this paternalism). Although the five books I have chosen to highlight vary widely in content, they have one common theme – finding within us the will and wherewithal to succeed.
My book is a collection of monthly Editor-in-Chief letters to the readership of World Neurosurgery, a journal that I edit. Each essay is short and sweet. The letters were written for neurosurgeons but have been re-edited so that they apply to all human beings. They cover topics such as leadership, empathy, vulnerability, stress, burnout, and on and on…. These essays are relevant for all who strive to craft a better version of themselves.
Life lessons learned by the author during his 40+ year neurosurgery career are shared and translated into real-life scenarios. Between the covers are many lessons that are derived from the experiences of the author and then applied to all humans. The mastering of these lessons should translate into a sense of pride and satisfaction. In keeping with the theme of the book, this process should culminate in the feeling at the end of the day that ‘Today was, indeed, a good day.’
Today Was A Good Day: A Collection of Essays From The Heart Of A Neurosurgeon
About the Book Today Was A Good Day: A Collection of Essays From The Heart Of A Neurosurgeon features many topics that pertain to how neurosurgeons interact with others and how each of us can use introspection to modify how we are using tools and strategies such as empathy, respect, stress management, and much more. This book provides some insights into leadership, effective communication, and fulfillment from the perspective of a neurosurgeon, and it causes the reader to think about and consider many, many attributes of a leader. We all want to have a good day. This book provides strategies…
