// Prerequisites
What to read before Incident Response and Computer Forensics
If Incident Response and Computer Forensics feels too steep at intermediate level, here is what to read first. Lighter books in the same topics that build the prerequisites this one assumes.
01 · 2019
Foundations of Information Security
Jason Andress' compact tour of the field: confidentiality / integrity / availability, identification and authentication, network and OS controls, written for newcomers and adjacent disciplines.
Beginner4/5Jason Andress02 · 2021
How Cybersecurity Really Works
Sam Grubb's gentle, exercise-driven introduction for non-specialists who need a working mental model of attacker behaviour and basic defence.
Beginner4/5Sam Grubb03 · 2021
Practical Linux Forensics
Bruce Nikkel's reference for forensic analysts working post-mortem on Linux images: filesystems, journaling, logs, persistence locations, and the chain of custody discipline around them.
Intermediate4/5Bruce Nikkel04 · 2017
Practical Packet Analysis
Chris Sanders' working manual for Wireshark, geared at troubleshooting and incident response rather than abstract protocol theory. Updated for Wireshark 2.x.
Beginner4/5Chris Sanders05 · 2020
Web Security for Developers
Malcolm McDonald's developer-side primer on the OWASP-class issues, framed around real attacks and defended with code patterns rather than vendor products.
Beginner4/5Malcolm McDonald06 · 2021
Cyberjutsu
Ben McCarty maps declassified medieval ninja scrolls onto modern adversary tradecraft. More analogy-driven than technical, useful for security-program framing.
Beginner3/5Ben McCarty07 · 2021
Designing Secure Software
Loren Kohnfelder, the original PKI author, on how to weave security thinking through requirements, design, implementation and operations rather than bolt it on at the end.
Intermediate5/5Loren Kohnfelder08 · 2012
Practical Malware Analysis
Still the gold standard textbook for static and dynamic malware analysis on Windows.
Intermediate5/5Michael Sikorski, Andrew Honig