Cyber Shelf

// Comparison

Foundations of Information Security vs Practical Packet Analysis: Which Should You Read?

Two cybersecurity books on Defensive, compared honestly: who each is for, what each does best, and which to read first.

Beginner
4/52019
Foundations of Information Security

A Straightforward Introduction

Jason Andress

Jason Andress' compact tour of the field: confidentiality / integrity / availability, identification and authentication, network and OS controls, written for newcomers and adjacent disciplines.

Beginner
4/52017
Practical Packet Analysis

Using Wireshark to Solve Real-World Network Problems

Chris Sanders

Chris Sanders' working manual for Wireshark, geared at troubleshooting and incident response rather than abstract protocol theory. Updated for Wireshark 2.x.

Read this if

Anyone new to the field who wants the entire territory mapped on a single shelf, in a single short book. Andress is the cleanest tour of CIA, IAM, network, software, operations, and crypto for newcomers.
Anyone who needs to read pcaps fluently: SOC analysts, incident responders, network engineers, security students. Sanders teaches Wireshark at exactly the level that turns the tool from intimidating into a working extension of your hands.

Skip this if

Anyone who already works in the field. The book is broad and shallow by design; specialists will find every chapter familiar.
Readers wanting deep protocol theory, custom-protocol auditing, or attack-side network research. For depth beyond troubleshooting and IR, follow with Attacking Network Protocols (Forshaw) and Silence on the Wire (Zalewski).

Key takeaways

  • Covers every major domain of security at survey-level depth, which is exactly what a beginner needs to choose a specialization.
  • The operations security chapter is unusually strong for an intro book; most authors skip it because it's unsexy, Andress doesn't.
  • Pairs naturally with one or two deep-dive books per topic from this catalog; treat it as the master index.
  • Capture filters are how you avoid drowning in volume; display filters are how you find the needle. The book teaches both fluently in the first hundred pages.
  • Reading TCP behaviour at the packet level (handshakes, retransmits, resets) is the core skill that makes every later analysis question tractable.
  • Wireshark's profile, coloring rule, and decode-as features turn it from a tool into a workflow; the book's chapter on customisation pays back fast.

How they compare

Foundations of Information Security and Practical Packet Analysis are both rated 4/5 in our catalog. Pick by topic preference and reading style rather than by rating.

Both books target beginner-level readers, so the choice is about topic, not difficulty.

Foundations of Information Security and Practical Packet Analysis both cover Defensive, so reading them in sequence reinforces the same material from different angles.

Keep reading

Foundations of Information Security

Alternatives to Foundations of Information SecurityWhat to read after Foundations of Information Security

Practical Packet Analysis

Alternatives to Practical Packet AnalysisWhat to read after Practical Packet Analysis

Related topics

Defensive