The best books about DevSecOps (it is just like DevOps, done securely)

Why am I passionate about this?

I have worked in IT for over 25 years, creating and securing software. I am completely obsessed with ensuring that our software is more reliable, that its integrity can be trusted, and that it keeps our secrets safe. I am not only a computer scientist but an ethical hacker who works hard to create a dialogue between software developers and all of the people who work in our security industry. I am a teacher, a community leader, and a computer nerd who shares messages and lessons wherever she goes.


I wrote...

Alice and Bob Learn Application Security

By Tanya Janca


What is my book about?

My book is for people who want to know what application security is, to start working in that field, or for software developers who want to ensure they create secure software.

It has short stories of the two characters, Alice and Bob, who have lives, jobs, families, and even health conditions that they need to manage, all while they do their jobs. Throughout the book, there is code, stories from the author, and countless examples of how all of the security decisions we make protect, or hurt, the customers that we strive to serve. The book follows the system development life cycle (SDLC - requirements, design, coding, testing, and release/maintenance), sprinkling security activities into every phase. 


The books I picked & why

The DevOps Handbook: How to Create World-Class Agility, Reliability, & Security in Technology Organizations

Tanya Janca Why did I love this book?

The DevOps Handbook is literally an instructional guide on how to do DevOps, properly.

It includes security, it includes how to run operations in a smooth and reliable manner, and of course, how to develop amazing software. It gets into all the nitty gritty, with every detail you would need in order to create a good DevOps system development lifecycle within your organization.

This is a technical book with technical examples.

By Gene Kim, Jez Humble, Patrick Debois, John Willis, Nicole Forsgren

Why should I read it?

1 author picked The DevOps Handbook as one of their favorite books, and they share why you should read it.

What is this book about?

This award-winning and bestselling business handbook for digital transformation is now fully updated and expanded with the latest research and new case studies!

"[The DevOps Handbook] remains a must-read for any organization seeking to scale up its IT capability and expand DevOps practices across multiple departments or lines of business." -Mike Perrow, TechBeacon

For years, The DevOps Handbook has been the definitive guide for taking the successes laid out in the bestselling The Phoenix Project and applying them in any organization. Now, with this fully updated and expanded edition, it's time to take DevOps out of the IT department and…


The Phoenix Project: A Novel about IT, DevOps, and Helping Your Business Win

Tanya Janca Why did I love this book?

The Phoenix Project is a storybook about a fictitious company called Parts Unlimited.

I swear I must have worked at this company at some point in my career, it feels so familiar! It follows a story of an organization that used waterfall in order to make software and all the problems that happened from using this very old software development methodology.

Throughout the story they ‘discover’ how to do DevOps, slowly improving all of their processes until they have a smooth-oiled software creation machine. This includes many stories about security and why the old ways of doing information security just don't work within a DevOps environment.

The characters in this book are both lovable and relatable. I would never have thought a fictitious story about an IT department could be so fun to read!

By Gene Kim, Kevin Behr, George Spafford

Why should I read it?

2 authors picked The Phoenix Project as one of their favorite books, and they share why you should read it.

What is this book about?

***Over a half-million sold! And available now, the Wall Street Journal Bestselling sequel The Unicorn Project***

"Every person involved in a failed IT project should be forced to read this book."-TIM O'REILLY, Founder & CEO of O'Reilly Media

"The Phoenix Project is a must read for business and IT executives who are struggling with the growing complexity of IT."-JIM WHITEHURST, President and CEO, Red Hat, Inc.

Five years after this sleeper hit took on the world of IT and flipped it on its head, the 5th Anniversary Edition of The Phoenix Project continues to guide IT in the DevOps revolution.…


Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations

Tanya Janca Why did I love this book?

Accelerate is a book about data. The authors used data collected during their PhD projects in order to prove that DevOps is effective.

They have all sorts of different ways to measure DevOps, its efficiency, and the fact that way more projects succeed when you do DevOps, rather than waterfall methodology.

The book can essentially be used as evidence of return on investment when modernizing your IT department. I am a person who loves data, and thus I absolutely love this book. Also, if you listen to the audiobook version, one of the authors reads it to you and her personality really shines through in a fun way.

I really enjoyed listening to Nicole read a book to me about data!

By Nicole Forsgren, Jez Humble, Gene Kim

Why should I read it?

3 authors picked Accelerate as one of their favorite books, and they share why you should read it.

What is this book about?

Winner of the Shingo Publication Award


Accelerate your organization to win in the marketplace.


How can we apply technology to drive business value? For years, we've been told that the performance of software delivery teams doesn't matter, that it can't provide a competitive advantage to our companies. Through four years of groundbreaking research to include data collected from the State of DevOps reports conducted with Puppet, Dr. Nicole Forsgren, Jez Humble, and Gene Kim set out to find a way to measure software delivery performance and what drives it using rigorous statistical methods. This book presents both the findings and…


The Unicorn Project: A Novel about Developers, Digital Disruption, and Thriving in the Age of Data

Tanya Janca Why did I love this book?

The Unicorn Project book picks up where The Phoenix Project book ended.

There is a new character introduced named Maxine, and I want to be Maxine when I grow up! Her character is brave, fun, and endlessly patient as she transforms the way they build software to more effective and productive methods.

She has a family, and life outside her org, which is something I feel all of us can relate to, balancing life and work. She really saves the day, over and over again, as the book proceeds to change, update, and improve every single thing they do within Parts Unlimited, the fictitious company in this story.

It was a very fun sequel to The Phoenix Project.

By Gene Kim

Why should I read it?

1 author picked The Unicorn Project as one of their favorite books, and they share why you should read it.

What is this book about?

The Phoenix Project wowed over a half-million readers. Now comes the Wall Street Journal Bestselling The Unicorn Project!

"The Unicorn Project is amazing, and I loved it 100 times more than The Phoenix Project..."-FERNANDO CORNAGO, Senior Director Platform Engineering, Adidas

"Gene Kim does a masterful job of showing how ... the efforts of many create lasting business advantages for all."-DR. STEVEN SPEAR, author of The High-Velocity Edge, Sr. Lecturer at MIT, and principal of HVE LLC.

"The Unicorn Project is so clever, so good, so crazy enlightening!"--CORNELIA DAVIS, Vice President Of Technology at Pivotal Software, Inc., Author of Cloud Native…


Investments Unlimited: A Novel About DevOps, Security, Audit Compliance, and Thriving in the Digital Age

Tanya Janca Why did I love this book?

This book is set in the same universe as The Phoenix Project and The Unicorn Project, but it's at a new company named Investments Unlimited.

It's also a fictitious story, but with all brand new characters, and brand new problems! In this book they cover security much more deeply than any of the other previous books, talking about how compliance and audit can work together with the information security and DevOps teams.

They talk about common problems that I have faced in many organizations, and a lot of the stories feel so familiar I wonder if the authors have followed me around throughout my career.

Although of course they save the day in the end, there are many parts of the book where we're not quite sure if they're going to make it or not with various characters learning to see things in new ways, so that they can make everything finally come together in the end.

By Helen Beal, Bill Bensing, Jason Cox, Michael Edenzon, John Willis

Why should I read it?

1 author picked Investments Unlimited as one of their favorite books, and they share why you should read it.

What is this book about?

In the vein of the bestselling The Phoenix Project and The Unicorn Project, Investments Unlimited radically rethinks how organizations can handle the audit, compliance, and security of their software systems-even in highly regulated industries. By introducing concepts, tools, and ideas to reimagine governance, Investments Unlimited catalyzes a more humane way to enable high-velocity software delivery that is inherently more secure.

Investments Unlimited, Inc. has accomplished what many other firms in their industry have failed to do: they have successfully navigated the transition from legacy ways of working to the digital frontier. With the help of DevOps practices, Investments Unlimited delivers…

