Cyber Shelf

// Prerequisites

What to read before Container Security

If Container Security feels too steep at intermediate level, here is what to read first. Lighter books in the same topics that build the prerequisites this one assumes.

CloudContainersDevSecOps

  1. 01 · 2018

    Kubernetes Security

    Liz Rice and Michael Hausenblas's freely-available O'Reilly short on the Kubernetes-specific security model: API server, RBAC, network policy, secrets, and the typical hardening steps that move a cluster from default to defensible.

    Intermediate
    4/5Liz Rice, Michael Hausenblas

  2. 02 · 2021

    Hacking Kubernetes

    A threat-modeling tour of a Kubernetes cluster, component by component, that teaches you to harden defaults by first showing you how each one gets broken.

    Intermediate
    4/5Andrew Martin, Michael Hausenblas

  3. 03 · 2020

    Alice and Bob Learn Application Security

    Tanya Janca's hands-on AppSec primer covering threat modeling, secure design, secure coding, testing, deployment, and the social side of running an AppSec program — through a friendly, narrative-driven structure.

    Beginner
    4/5Tanya Janca

  4. 04 · 2018

    Pentesting Azure Applications

    Matt Burrough on attacker behaviour against Azure tenants: identity, storage, VMs, key material handling, and the recon paths that work against real subscriptions.

    Intermediate
    3/5Matt Burrough

  5. 05 · 2017

    American Kingpin

    A propulsive account of how Ross Ulbricht built the Silk Road dark-web drug empire as Dread Pirate Roberts, and how a handful of investigators across rival agencies finally unmasked him.

    Beginner
    5/5Nick Bilton

  6. 06 · 2014

    Countdown to Zero Day

    Kim Zetter's investigative reconstruction of Stuxnet, the joint US/Israeli operation that physically damaged Iranian uranium-enrichment centrifuges via a worm, and what its discovery revealed about state-level cyber capability.

    Beginner
    5/5Kim Zetter

  7. 07 · 2011

    Kingpin

    Kevin Poulsen's reconstruction of Max Butler's career — from white-hat consultant to running CardersMarket, the carding forum that consolidated the early-2000s underground — and the FBI investigation that finally took him down.

    Beginner
    5/5Kevin Poulsen

  8. 08 · 2019

    Sandworm

    Long-form journalism on the GRU's hacking operations, the best non-technical book on what state-level cyber actually looks like.

    Beginner
    5/5Andy Greenberg
Back to Container SecurityWhat to read after Container Security