Cyber Shelf

// What to read next

What to read after Intelligence-Driven Incident Response

Where to go after Intelligence-Driven Incident Response, picked from our catalog. The next step up from intermediate level, weighted toward the topics this book covers.

Incident ResponseThreat IntelligenceDefensive

  1. 01 · 2014

    Incident Response and Computer Forensics

    Luttgens, Pepe, and Mandia's working playbook for running an enterprise IR engagement: pre-engagement readiness, evidence acquisition, network and host forensics, and the project-management discipline that separates a controlled response from a panic.

    Intermediate
    4/5Jason T. Luttgens, Matthew Pepe, Kevin Mandia

  2. 02 · 2020

    Building Secure and Reliable Systems

    Google's site-reliability and security teams jointly write down what it actually takes to build systems that are both safe and dependable, from threat models and design reviews to rollback culture and crisis response.

    Advanced
    5/5Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, Adam Stubblefield

  3. 03 · 2023

    Security Chaos Engineering

    Kelly Shortridge and Aaron Rinehart on treating security as a property of complex adaptive systems: instead of preventing failure, you continuously simulate it, and design the organization to learn from each result.

    Advanced
    5/5Kelly Shortridge, Aaron Rinehart

  4. 04 · 2020

    Security Engineering

    Ross Anderson's comprehensive textbook on the design of secure systems, covering protocols, access control, side channels, economics of security, and policy.

    Advanced
    5/5Ross Anderson

  5. 05 · 2014

    The Art of Memory Forensics

    Ligh, Case, Levy, and Walters' canonical reference on memory analysis with Volatility — the technique, the tooling, and the operating-system internals it depends on, across Windows, Linux, and macOS.

    Advanced
    5/5Michael Hale Ligh, Andrew Case, Jamie Levy, AAron Walters

  6. 06 · 2024

    Evasive Malware

    Kyle Cucci on the anti-analysis arms race: sandbox detection, anti-debug, anti-VM, packing, and the analyst-side tooling and tradecraft that get past those layers.

    Advanced
    4/5Kyle Cucci

  7. 07 · 2021

    Designing Secure Software

    Loren Kohnfelder, the original PKI author, on how to weave security thinking through requirements, design, implementation and operations rather than bolt it on at the end.

    Intermediate
    5/5Loren Kohnfelder

  8. 08 · 2012

    Practical Malware Analysis

    Still the gold standard textbook for static and dynamic malware analysis on Windows.

    Intermediate
    5/5Michael Sikorski, Andrew Honig
Back to Intelligence-Driven Incident ResponseAlternatives to Intelligence-Driven Incident Response