Cyber Shelf

// Prerequisites

What to read before Alice and Bob Learn Application Security

If Alice and Bob Learn Application Security feels too steep at beginner level, here is what to read first. Lighter books in the same topics that build the prerequisites this one assumes.

AppSecFoundationsDevSecOps

  1. 01 · 2019

    Foundations of Information Security

    Jason Andress' compact tour of the field: confidentiality / integrity / availability, identification and authentication, network and OS controls, written for newcomers and adjacent disciplines.

    Beginner
    4/5Jason Andress

  2. 02 · 2021

    How Cybersecurity Really Works

    Sam Grubb's gentle, exercise-driven introduction for non-specialists who need a working mental model of attacker behaviour and basic defence.

    Beginner
    4/5Sam Grubb

  3. 03 · 2019

    The Pragmatic Programmer

    Thomas and Hunt's career-defining set of practical heuristics for writing software professionally — orthogonality, broken-windows, DRY, tracer bullets, and the underlying argument that craftsmanship is a posture, not a process.

    Beginner
    5/5David Thomas, Andrew Hunt

  4. 04 · 2018

    Click Here to Kill Everybody

    Bruce Schneier's policy-level argument that as everything becomes a computer (cars, medical devices, infrastructure, voting), the security failures that used to merely cost us money will start costing lives — and the regulatory shape of that future is being decided now.

    Beginner
    4/5Bruce Schneier

  5. 05 · 2025

    Linux Basics for Hackers

    OccupyTheWeb's introduction to Linux from the angle that hackers and pentesters actually need it: shells, networking, scripting, and Kali tooling.

    Beginner
    4/5OccupyTheWeb

  6. 06 · 2002

    The Art of Deception

    Kevin Mitnick and William Simon's case-study collection of social-engineering attacks: PBX scams, helpdesk impersonation, dumpster-diving, the casual lies that sound true. The technology dates the book; the human side is timeless.

    Beginner
    4/5Kevin Mitnick, William L. Simon

  7. 07 · 2020

    Web Security for Developers

    Malcolm McDonald's developer-side primer on the OWASP-class issues, framed around real attacks and defended with code patterns rather than vendor products.

    Beginner
    4/5Malcolm McDonald

  8. 08 · 2018

    Cybersécurité — Un ouvrage unique pour les managers

    French-language management-oriented cybersecurity handbook by Hennion and Makhlouf: governance, ISO 27001, risk management, GDPR, business continuity — operational panorama, no technical depth.

    Beginner
    3/5Romain Hennion, Anissa Makhlouf
Back to Alice and Bob Learn Application SecurityWhat to read after Alice and Bob Learn Application Security