Being able to understand and change reality through our knowledge and skill is literal magic. We’re building systems with so many exciting and unexpected properties that can be exploited and repurposed for both good and evil. I want to keep some of that magic and help people engineer – build great systems that make people’s lives better. I’ve been securing (and breaking) systems, from operating rooms to spaceships, from banks to self-driving cars for over 25 years. The biggest lesson I’ve learned is that if security is not infused from the start, we’re forced to rely on what ought to be our last lines of defense. This list helps you infuse security into your systems.
This book captures lessons from many authors at Google, some of whom I’ve worked with over the years. The chapters on availability (7, 8, 9) were a revelation to me. I had no idea how Google approaches the topic of resilience and recovery in their systems, and I now think of the whole topic very differently. The biggest takeaway is how to think about the design of systems.
Can a system be considered truly reliable if it isn't fundamentally secure? Or can it be considered secure if it's unreliable? Security is crucial to the design and operation of scalable systems in production, as it plays an important part in product quality, performance, and availability. In this book, experts from Google share best practices to help your organization design scalable and reliable systems that are fundamentally secure.
Two previous O'Reilly books from Google-Site Reliability Engineering and The Site Reliability Workbook-demonstrated how and why a commitment to the entire service lifecycle enables organizations to successfully build, deploy, monitor, and maintain…
When I worked in application security at Microsoft, we still had products that shipped every few years. I learned to scale application security in that world, but many people live in a different world now. AAS helped me understand which of our approaches translated well, which had to be transformed, and which needed to be discarded or replaced. I regularly refer back to it, even a few years later.
Agile continues to be the most adopted software development methodology among organizations worldwide, but it generally hasn't integrated well with traditional security management techniques. And most security professionals aren't up to speed in their understanding and experience of agile development. To help bridge the divide between these two worlds, this practical guide introduces several security tools and techniques adapted specifically to integrate with agile development.
Written by security experts and agile veterans, this book begins by introducing security principles to agile practitioners, and agile principles to security practitioners. The authors also reveal problems they encountered in their own experiences with…
We’ve all experienced the overwhelming level of political and social divisiveness in our country. This invisible “virus” of negativity is, in part, the result of the name-calling and heated rhetoric that has become commonplace among commentators and elected leaders alike.
My book provides a clear perspective on the historical and…
Loren’s been contributing to security for over 40 years, and this book captures his hard-won wisdom in a way that’s both humble and accessible. It scales from principles and design approaches to in-depth explanations of exactly how things go wrong and how to avoid those problems. (Also, I was honored to write the foreword.)
Designing Secure Software consolidates Loren Kohnfelder's more than twenty years of experience into a concise, elegant guide to improving the security of technology products. Written for a wide range of software professionals, it emphasizes building security into software design early and involving the entire team in the process. The book begins with a discussion of core concepts. The second part, perhaps this book's most important contribution, covers the process of designing and reviewing a software design with security considerations in mind. The final section details the most common coding flaws that create vulnerabilities, making copious use of code snippets written…
As we move to a world in which security is everyone’s job, we have to understand that’s a change in what we expect of people, and change is hard. This book is short and actionable and will help security pros understand the changes that need to happen. Unlike a lot of business books, it’s not full of platitudes or repetition. Even when we’re not actively leading change, understanding the challenges leaders face enables us to plan and participate better to achieve our goals.
The international bestseller--now with a new preface by author John Kotter. Millions worldwide have read and embraced John Kotter's ideas on change management and leadership. From the ill-fated dot-com bubble to unprecedented M&A activity to scandal, greed, and ultimately, recession--we've learned that widespread and difficult change is no longer the exception. It's the rule. Now with a new preface, this refreshed edition of the global bestseller Leading Change is more relevant than ever. John Kotter's now-legendary eight-step process for managing change with positive results has become the foundation for leaders and organizations across the globe. By outlining the process every…
Few of us take the time to analyze our financial needs and goals to answer that pressing question. In Wealth Odyssey, author Larry R. Frank Sr. uses his extensive financial background to provide a universal road map that will help…
Boeing used to be a paragon of how engineering-driven companies could deliver amazing products and amazing profits. This book chronicles how that changed, and how Boeing lost its guiding principles. It shows how prioritizing the stock price over the business or the people who flew in its planes led to decisions that literally killed hundreds of people. Engineering concerns were regularly set aside for schedule or cost reasons. Most of us don’t work on products whose failures cause hundreds of deaths, but there’s an important lesson about being proud of the work you do and the products you deliver, and how that can make for a great business.
NEW YORK TIMES BUSINESS BESTSELLER • A suspenseful behind-the-scenes look at the dysfunction that contributed to one of the worst tragedies in modern aviation: the 2018 and 2019 crashes of the Boeing 737 MAX.
An "authoritative, gripping and finely detailed narrative that charts the decline of one of the great American companies" (New York Times Book Review), from the award-winning reporter for Bloomberg.
Boeing is a century-old titan of industry. It played a major role in the early days of commercial flight, World War II bombing missions, and moon landings. The planemaker remains a cornerstone of the U.S. economy, as…
How to anticipate and address software threats before you’ve written a line of code. The proven tools in this book can be applied by anyone. They give you a structured and systematic approach that are be applied at any scale – from a website built with CI/CD to complex waterfall projects like spacecraft.
This book captures years of experience in a simple, accessible, and practical way.
Who Will Take Care of Me When I'm Old?
By
Joy Loverde,
Everything you need to know to plan for your own safe, financially secure, healthy, and happy old age.
For those who have no support system in place, the thought of aging without help can be a frightening, isolating prospect. Whether you have friends and family ready and able to help…
This manual addresses the need to ensure that people are at the centre of the organisation. There has never been a timelier reminder of the need to ensure that leading, supporting and developing staff are critical aspects of creating the right organisational culture to grow and develop. Written with sensitivity,…
