Cyber Shelf

// Prerequisites

What to read before Security Engineering

If Security Engineering feels too steep at advanced level, here is what to read first. Lighter books in the same topics that build the prerequisites this one assumes.

Security ArchitectureDefensiveCryptography

  1. 01 · 2024

    Serious Cryptography

    Jean-Philippe Aumasson's working introduction to modern cryptography, written for engineers who need both intuition and enough mathematical depth to evaluate the choices a library is making for them.

    Intermediate
    5/5Jean-Philippe Aumasson

  2. 02 · 2010

    Cryptography Engineering

    A working engineer's introduction to cryptography that takes implementation pitfalls more seriously than most.

    Intermediate
    4/5Niels Ferguson, Bruce Schneier, Tadayoshi Kohno

  3. 03 · 2021

    Real-World Cryptography

    David Wong's hands-on tour of the cryptographic primitives, protocols and pitfalls that show up in actual production systems, with deliberate attention to TLS, Noise, modern AEAD, and post-quantum.

    Intermediate
    5/5David Wong

  4. 04 · 2020

    Building Secure and Reliable Systems

    Google's site-reliability and security teams jointly write down what it actually takes to build systems that are both safe and dependable, from threat models and design reviews to rollback culture and crisis response.

    Advanced
    5/5Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, Adam Stubblefield

  5. 05 · 2023

    Security Chaos Engineering

    Kelly Shortridge and Aaron Rinehart on treating security as a property of complex adaptive systems: instead of preventing failure, you continuously simulate it, and design the organization to learn from each result.

    Advanced
    5/5Kelly Shortridge, Aaron Rinehart

  6. 06 · 2021

    Designing Secure Software

    Loren Kohnfelder, the original PKI author, on how to weave security thinking through requirements, design, implementation and operations rather than bolt it on at the end.

    Intermediate
    5/5Loren Kohnfelder

  7. 07 · 2012

    Practical Malware Analysis

    Still the gold standard textbook for static and dynamic malware analysis on Windows.

    Intermediate
    5/5Michael Sikorski, Andrew Honig

  8. 08 · 2013

    The Practice of Network Security Monitoring

    Richard Bejtlich's NSM playbook: how to deploy collection sensors, validate that you actually see what you think you see, and build detection workflows around open-source tools.

    Intermediate
    5/5Richard Bejtlich
Back to Security EngineeringWhat to read after Security Engineering