Cyber Shelf

// What to read next

What to read after Sandworm

Where to go after Sandworm, picked from our catalog. The next step up from beginner level, weighted toward the topics this book covers.

Threat IntelligenceNarrativeGeopolitics

  1. 01 · 1989

    The Cuckoo's Egg

    Clifford Stoll's first-person account of investigating a 75-cent accounting discrepancy at LBNL that turned into a year-long pursuit of a KGB-paid intruder across early-internet networks.

    Beginner
    5/5Clifford Stoll

  2. 02 · 2020

    The Hacker and the State

    Ben Buchanan's argument that state-on-state cyber operations are not deterrence-shaped (like nuclear) but signaling-shaped: countries use cyber to shape the environment, not to threaten escalation. Builds the case from declassified incidents.

    Beginner
    5/5Ben Buchanan

  3. 03 · 2014

    @War

    Shane Harris on the entanglement of US military doctrine, the intelligence community, and private contractors after cyberspace was declared the fifth warfighting domain.

    Beginner
    4/5Shane Harris

  4. 04 · 2016

    Dark Territory

    Fred Kaplan's policy-side history of US cyber capability, from Reagan-era panic about WarGames to the institutional buildup of NSA's offensive arm and the political fights over its use.

    Beginner
    4/5Fred Kaplan

  5. 05 · 2021

    This Is How They Tell Me the World Ends

    Nicole Perlroth's reporting on the global zero-day market: how exploits get bought, by whom, and how the gray-then-black market shapes which vulnerabilities get fixed and which get hoarded.

    Beginner
    4/5Nicole Perlroth

  6. 06 · 2011

    A Bug Hunter's Diary

    Tobias Klein walks through seven real vulnerabilities he found and exploited, in the form of personal lab notes, what he tried, what failed, and what eventually shipped to vendors.

    Intermediate
    4/5Tobias Klein

  7. 07 · 2024

    La cyberdéfense

    French academic textbook on cyber defense — political, military, legal. The authors (researchers and former military-school faculty) cover the French organizational layer and the international ecosystem.

    Intermediate
    4/5Stéphane Taillat, Amaël Cattaruzza, Didier Danet

  8. 08 · 2014

    Countdown to Zero Day

    Kim Zetter's investigative reconstruction of Stuxnet, the joint US/Israeli operation that physically damaged Iranian uranium-enrichment centrifuges via a worm, and what its discovery revealed about state-level cyber capability.

    Beginner
    5/5Kim Zetter
Back to SandwormAlternatives to Sandworm