Here are 61 books that Security Engineering fans have personally recommended if you like
Security Engineering.
Shepherd is a community of 12,000+ authors and super readers sharing their favorite books with the world.
I taught myself to code back in 1994 while working the graveyard shift as a geologist in the environmental industry. My job consisted of sitting in a chair during the dark hours of the night in a shopping center in Stockton, CA, watching another geologist take samples from wells in the parking lot. A friend of mine suggested I learn to code because I liked computers. I don’t mean to make this out to be a “it’s so simple anyone can do it!” You need to have a relentless drive to learn, which is why I wrote my book, The Imposter’s Handbook - as an active step to learning what I didn’t know I didn’t know.
This book makes me jealous as the author has an incredible ability to communicate the densest of topics (Cryptography) in an engaging, wonderful way.
It draws you in and you find yourself transported to battlefields and war rooms of the past. I’ve always taken cryptography for granted - I type httpsinto my browser and navigate to a site and all’s well. I know things are reasonably secure - but why?
It turns out that RSA, the algorithm that underpins things like SSL and SSH, is a landmark of human achievement and did something that millennia of mathematicians and scientists could not: provide secure, end-to-end encryption. A wonderful story.
In his first book since the bestselling Fermat's Enigma, Simon Singh offers the first sweeping history of encryption, tracing its evolution and revealing the dramatic effects codes have had on wars, nations, and individual lives. From Mary, Queen of Scots, trapped by her own code, to the Navajo Code Talkers who helped the Allies win World War II, to the incredible (and incredibly simple) logisitical breakthrough that made Internet commerce secure, The Code Book tells the story of the most powerful intellectual weapon ever known: secrecy.
Throughout the text are clear technical and mathematical explanations, and portraits of the remarkable…
I started learning cryptography in the early 2000s with books borrowed from my university’s library, and with information I could find online. Since then I’ve practiced cryptography for 15 years in a variety of contexts: as an academic researcher, while working on my PhD; as a cryptography engineer for software and hardware pay-TV systems; as a consultant for private and public sector clients; as a vulnerability researcher in my spare time; as a code auditor for cryptography projects; as a start-up founder in the domain of IoT security; and as CSO (chief security officer) of a fintech start-up. I live in Lausanne, Switzerland, and besides crypto I enjoy literature, rock climbing, and playing classical guitar.
If you want to compose or play music, you need to know some basic music theory: notes, scales, chords, and so on. Likewise, solid cryptography knowledge requires understanding its foundations: concepts such as one-way function, pseudorandom generators, computational hardness, secure encryption, and zero-knowledge proofs. Goldreich’s books are the best starting point for those who want to delve into cryptography theory.
Cryptography is concerned with the conceptualization, definition and construction of computing systems that address security concerns. The design of cryptographic systems must be based on firm foundations. This book presents a rigorous and systematic treatment of the foundational issues: defining cryptographic tasks and solving new cryptographic problems using existing tools. It focuses on the basic mathematical tools: computational difficulty (one-way functions), pseudorandomness and zero-knowledge proofs. The emphasis is on the clarification of fundamental concepts and on demonstrating the feasibility of solving cryptographic problems, rather than on describing ad-hoc approaches. The book is suitable for use in a graduate course on…
I am an academic researcher and an avid non-fiction reader. There are many popular books on science or music, but it’s much harder to find texts that manage to occupy the space between popular and professional writing. I’ve always been looking for this kind of book, whether on physics, music, AI, or math – even when I knew that as a non-pro, I wouldn’t be able to understand everything. In my new book I’ve been trying to accomplish something similar: A book that can intrigue readers who are not professional economic theorists, that they will find interesting even if they can’t follow everything.
A simple (not perfect) test of whether you’re going to love this book: Just check out the author’s blog, called “shtetl-optimized”. The style is similar: sharp, funny, mixing professional theoretical Computer Science with broader takes.
I am still in the middle of the book, and nevertheless, I’m happy to recommend it. As an amateur with superficial CS knowledge, I am enjoying this introduction to classical complexity theory and the basic theory of quantum computation.
Aaronson’s distinctive style makes the ride all the more enjoyable. It’s neither a “real” textbook nor a pop-science book. It’s in a weird space somewhere in between, and I love it!
Written by noted quantum computing theorist Scott Aaronson, this book takes readers on a tour through some of the deepest ideas of maths, computer science and physics. Full of insights, arguments and philosophical perspectives, the book covers an amazing array of topics. Beginning in antiquity with Democritus, it progresses through logic and set theory, computability and complexity theory, quantum computing, cryptography, the information content of quantum states and the interpretation of quantum mechanics. There are also extended discussions about time travel, Newcomb's Paradox, the anthropic principle and the views of Roger Penrose. Aaronson's informal style makes this fascinating book accessible…
I started learning cryptography in the early 2000s with books borrowed from my university’s library, and with information I could find online. Since then I’ve practiced cryptography for 15 years in a variety of contexts: as an academic researcher, while working on my PhD; as a cryptography engineer for software and hardware pay-TV systems; as a consultant for private and public sector clients; as a vulnerability researcher in my spare time; as a code auditor for cryptography projects; as a start-up founder in the domain of IoT security; and as CSO (chief security officer) of a fintech start-up. I live in Lausanne, Switzerland, and besides crypto I enjoy literature, rock climbing, and playing classical guitar.
Although David is a friend, I only recommend his book because it’s great, both in terms of content and presentation. Real-World Cryptography is today’s reference book about cryptographic tools and applications: Modern schemes such as the SHA-3 hash function and the Noise protocol framework, end-to-end encryption protocols, cryptocurrencies’ cryptography mechanisms, as well as emerging techniques like fully-homomorphic encryption and multi-party computation; Wong’s book delivers a practice-oriented, accessible introduction, enriched by many visual illustrations (including original comics strips!), and exercises (with their solutions).
If you're browsing the web, using public APIs, making and receiving electronic payments, registering and logging in users, or experimenting with blockchain, you're relying on cryptography. And you're probably trusting a collection of tools, frameworks, and protocols to keep your data, users, and business safe. It's important to understand these tools so you can make the best decisions about how, where, and why to use them. Real-World Cryptography teaches you applied cryptographic techniques to understand and apply security at every level of your systems and applications. about the technologyCryptography is the foundation of information security. This simultaneously ancient and emerging…
I’ve been playing with computers and electronics since childhood. I even supported the people in my village with their computer issues back then. During my studies in electrical engineering, I learned how to solve technical challenges with structured approaches. At this time, I became fascinated by topics like cryptography and embedded system security. The books on this list helped me understand important concepts and practical real-world obstacles. I hope they are also of value to you!
I love this book because it has the power to pull even technical people out of their “security technology will save the world” bubble. I regularly encounter engineers randomly throwing countermeasures like strong encryption, secure boot, and TPMs at devices without knowing why.
This book provided me with a set of methods and practical hints for identifying and assessing relevant security threats—a much better starting point than penetration testing!
The only security book to be chosen as a Dr. Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography! Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn…
I’ve been playing with computers and electronics since childhood. I even supported the people in my village with their computer issues back then. During my studies in electrical engineering, I learned how to solve technical challenges with structured approaches. At this time, I became fascinated by topics like cryptography and embedded system security. The books on this list helped me understand important concepts and practical real-world obstacles. I hope they are also of value to you!
I like embedded systems a lot, but I like hardware attacks on them even more because they represent very powerful attackers! I love the wonderful collection of expert knowledge and practical experience on side-channel analysis, fault attacks, and corresponding countermeasures created by Colin O'Flynn and Jasper van Woudenberg.
When reading through this one, I always remember my time as a PhD student, when my colleagues and I performed several tricky hardware attacks in our lab... That was definitely challenging but also a lot of fun!
The Hardware Hacking Handbook is a deep dive into embedded security, perfect for readers interested in designing, analysing, and attacking devices. You'll start with a crash course in embedded security and hardware interfaces and learn how to set up a test lab. Real-world examples and hands-on labs throughout allow you to explore hardware interfaces and practice various attacks.
I’ve been playing with computers and electronics since childhood. I even supported the people in my village with their computer issues back then. During my studies in electrical engineering, I learned how to solve technical challenges with structured approaches. At this time, I became fascinated by topics like cryptography and embedded system security. The books on this list helped me understand important concepts and practical real-world obstacles. I hope they are also of value to you!
When I first heard about cryptography at university, it sounded like mathematical magic. After looking into some randomly chosen crypto books, I was discouraged from digging deeper because they were full of math details.
Understanding Cryptography was different. It was aimed at engineering students like me, and it provided me with the most relevant facts necessary for designing secure devices. Since then, it has always been a great reference book for me.
Cryptography is now ubiquitous - moving beyond the traditional environments, such as government communications and banking systems, we see cryptographic techniques realized in Web browsers, e-mail programs, cell phones, manufacturing systems, embedded software, smart buildings, cars, and even medical implants. Today's designers need a comprehensive understanding of applied cryptography.
After an introduction to cryptography and data security, the authors explain the main techniques in modern cryptography, with chapters addressing stream ciphers, the Data Encryption Standard (DES) and 3DES, the Advanced Encryption Standard (AES), block ciphers, the RSA cryptosystem, public-key cryptosystems based on the discrete logarithm problem, elliptic-curve cryptography (ECC), digital…
I’ve been playing with computers and electronics since childhood. I even supported the people in my village with their computer issues back then. During my studies in electrical engineering, I learned how to solve technical challenges with structured approaches. At this time, I became fascinated by topics like cryptography and embedded system security. The books on this list helped me understand important concepts and practical real-world obstacles. I hope they are also of value to you!
I love thinking about potential vulnerabilities and threat scenarios in IoT devices, because they are everywhere and they have already gained a significant amount of power.
Practical IoT Hacking is a wonderful read that stimulates my imagination about how to tackle devices and systems, but it doesn’t stop there: it even addresses the practical security analysis needs of my students and me.
Geared towards security researchers, IT teams, and penetration testers, application testers, developers, and IT administrators, this book teaches readers how to get started with hacking Internet connected devices. Readers dig deep into technical (and related legal) issues, as they learn what kinds of devices to use as hacking tools and which make the best targets. The authors, all experts in the field, cover the kinds of vulnerabilities found in IoT devices, explain how to exploit their network protocols, and how to leverage security flaws and certain hardware interfaces found in the physical devices themselves.
Like most geeks, I've always loved efficiency and productivity. Coming from a Windows-dominated world, the command line I was faced with in my CompSci degree was Initially mystifying, but over time I have come to see it as the most powerful human-computer interface out there. After spending years wresting with the command line at work, I decided to write a book on bash, and have blogged extensively on this and related topics. I also run live courses on bash and the command line for O'Reilly. There's nothing I enjoy more than opening people's eyes to the power of the shell!
Regular expressions are the cornerstone of command line wizardry.
They are used in pretty much all command-line tools, and all programming languages.
If you read this book, you'll have a deep understanding of what's going on, and the knowledge to go from hand-waving and guessing your way through regular expression writing to the mastery the book promises.
Regular expressions are an extremely powerful tool for manipulating text and data. They are now standard features in a wide range of languages and popular tools, including Perl, Python, Ruby, Java, VB.NET and C# (and any language using the .NET Framework), PHP, and MySQL. If you don't use regular expressions yet, you will discover in this book a whole new world of mastery over your data. If you already use them, you'll appreciate this book's unprecedented detail and breadth of coverage. If you think you know all you need to know about regular expressions, this book is a stunning eye-opener.…
Jeremy N. Smith is the author of three acclaimed narrative non-fiction books, including Breaking and Entering, about a female hacker called “Alien” and the birth of our information insecurity age. He has written for The Atlantic, Discover, Slate, and the New York Times, among other outlets, and he and his work have been featured by CNN, NPR, NBC Nightly News, The Today Show, and Wired. He hosts The Hacker Next Door podcast and lives in Missoula, Montana.
The New Hacker’s Dictionary is the foremost compilation of the first fifty years of hacker lore, combining hilarious anecdotes and definitions to illuminate a hugely-influential but wildly-misunderstood culture more similar to beer-brewing monks than black-clad criminals. Though last updated in 1996, the technology, terms, and theories explained within still underlie the modern Internet, making this dictionary a dual cultural and architectural blueprint for anyone interested in how computing got to the present moment—and how to build a better future.
This new edition of the hacker's own phenomenally successful lexicon includes more than 100 new entries and updates or revises 200 more.
This new edition of the hacker's own phenomenally successful lexicon includes more than 100 new entries and updates or revises 200 more. Historically and etymologically richer than its predecessor, it supplies additional background on existing entries and clarifies the murky origins of several important jargon terms (overturning a few long-standing folk etymologies) while still retaining its high giggle value.
Sample definition
hacker n. [originally, someone who makes furniture with an axe] 1. A person who enjoys exploring the…
