Best cybersecurity books from 2018

Practical Binary Analysis

Build Your Own Linux Tools for Binary Instrumentation, Analysis, and Disassembly

Dennis Andriesse on the binary toolchain you can actually script: ELF internals, dynamic taint analysis, symbolic execution and instrumentation with concrete code-along examples.

Click Here to Kill Everybody

Security and Survival in a Hyper-Connected World

Bruce Schneier's policy-level argument that as everything becomes a computer (cars, medical devices, infrastructure, voting), the security failures that used to merely cost us money will start costing lives — and the regulatory shape of that future is being decided now.

Cyber

La guerre permanente

A strategic analysis of cyber conflict as permanent, sub-threshold warfare — and what France and Europe should do about it — by a former senior French strategist and a consultant.

Cyberstructure

L'Internet, un espace politique

An engineer's lucid account of how the Internet actually works — and why its technical architecture is a political space that shapes human rights — by a DNS specialist at AFNIC.

Kubernetes Security

Liz Rice and Michael Hausenblas's freely-available O'Reilly short on the Kubernetes-specific security model: API server, RBAC, network policy, secrets, and the typical hardening steps that move a cluster from default to defensible.

Malware Data Science

Attack Detection and Attribution

Saxe and Sanders apply machine-learning techniques (classification, clustering, deep learning) to malware detection and attribution, with working Python code and real corpora.

Social Engineering

The Science of Human Hacking

Christopher Hadnagy's broad procedural reference on social engineering as a discipline — recon, pretexting, elicitation, microexpressions, and the structured engagement model his consultancy operationalized.

The Hacker Playbook 3

Practical Guide to Penetration Testing — Red Team Edition

Peter Kim's hands-on red-team field manual: assumed-breach scenarios, lateral movement, AV/EDR evasion, and the operational rhythm of a real engagement rather than a checklist of CVEs.

The Perfect Weapon

War, Sabotage, and Fear in the Cyber Age

The NYT national security correspondent's account of how cyber weapons became the tool states reach for short of war, from Stuxnet to Russian election interference. Strong on the politics and decision-making, light on the technology.

Open Source Intelligence Techniques and Tools

Hassan and Hijazi's pedagogical introduction to OSINT framed inside the broader intelligence cycle (collection → processing → analysis → dissemination) rather than around a specific toolchain.

Pentesting Azure Applications

The Definitive Guide to Testing and Securing Deployments

Matt Burrough on attacker behaviour against Azure tenants: identity, storage, VMs, key material handling, and the recon paths that work against real subscriptions.