Below I have compiled a list of books that are highly recommended to read by various experts. It would be great if you could express your opinion in the comments about those with whom you are familiar. If you had to choose one, which would it be?
And I, in turn, pledge to research the most recommended and share my opinion.
So far I have only had a taste of each and am trying to feel the aftertaste. I'm sure this review will be useful to many! Let's go:
A rather old book, but it was recommended to me for some reason, advised more often than others, and I listened. The book makes an impression of a persistent encyclopedia - classification and history of viruses, types of behavior, protection strategies and so on. It is useful in terms of understanding what follows from what and why it is arranged that way.
This one is old, too and what's even worse, the examples in it hopelessly got old as well, but ... According to experts, this is one of those books, which is a good one to start one's acquaintance with cybersecurity as such. It is attractive in it's simple presentation and in it's detailed explanations of difficult things using simple language. Materials are divided into two parts - I would presumably call them security and design.
I was confused by the endless amount of web dumps, although it's better than no examples. There are many of them in the book, which I think makes it very "practical". The content revolves around network security and ways to continuously analyze it. As an expert I know explained to me, it's not a rare challenge for a professional to identify a persistent person who came to buy something and one who conceived a pernicious attack (DoS). And since oftentimes they behave very similarly, it is important not to confuse with whom it is time to say goodbye, and with whom your company will earn money...
It immediately makes an impression that Adam works for Microsoft, and the book is written based on his professional experience. I am impressed by the fact that the author teaches us to think systematically and to model any threat, and in order to not be very general, separately identifies points relevant to system architects, application developers and security specialists. I'm much easier to memorize complicated things through funny stories and jokes, and in this book there are plenty of cautionary tales.
Experts say that this is the first book that spanned x86, x64 and ARM, and that’s cool already. At the beginning of reading it seemed to me that it's just a godsend, because Information is presented very easily, without any abstruse terms. It turns out this is a trick, because immediately after the introduction, I was stuck for an hour - I had to get into wiki and read about the specifics of the Windows kernel, reverse-engineering, process architecture and the malicious code.
As an Android owner, somehow it never occurred to me how vulnerable my phone could be. Having got acquainted with the work of Drake, I realized that only the forms of threats differ. A lot of the material in this book is devoted to the threats for mobiles as a whole, another part gives a detailed description of the device’s operating system and gives advice on how to take into account the common risks associated with mobile application development.