Best cybersecurity books from 2020

Building Secure and Reliable Systems

Best Practices for Designing, Implementing, and Maintaining Systems

Google's site-reliability and security teams jointly write down what it actually takes to build systems that are both safe and dependable, from threat models and design reviews to rollback culture and crisis response.

Security Engineering

A Guide to Building Dependable Distributed Systems

Ross Anderson's comprehensive textbook on the design of secure systems, covering protocols, access control, side channels, economics of security, and policy.

The Hacker and the State

Cyber Attacks and the New Normal of Geopolitics

Ben Buchanan's argument that state-on-state cyber operations are not deterrence-shaped (like nuclear) but signaling-shaped: countries use cyber to shape the environment, not to threaten escalation. Builds the case from declassified incidents.

À la trace

Enquête sur les nouveaux territoires de la surveillance

An investigative map of modern surveillance — from data brokers and facial recognition to contact-tracing — charting how continuous digital tracking became normal, by a French tech journalist.

Alice and Bob Learn Application Security

Tanya Janca's hands-on AppSec primer covering threat modeling, secure design, secure coding, testing, deployment, and the social side of running an AppSec program — through a friendly, narrative-driven structure.

Black Hat Go

Go Programming For Hackers and Pentesters

Tom Steele, Chris Patten, and Dan Kottmann show how to use Go's networking primitives, concurrency model, and cross-compilation to write offensive tooling that runs almost anywhere.

Container Security

Fundamentals for Securing Containerized Applications

Liz Rice's first-principles introduction to how Linux containers actually work — namespaces, cgroups, capabilities, seccomp, image layering — and the security implications that fall out of those mechanics.

The Ghidra Book

The Definitive Guide

The reference manual for the NSA's open-source disassembler, written by the author of The IDA Pro Book. Exhaustive on the tool, thinner on the craft of reversing itself.

Web Security for Developers

Real Threats, Practical Defense

Malcolm McDonald's developer-side primer on the OWASP-class issues, framed around real attacks and defended with code patterns rather than vendor products.

Intelligence artificielle, cybersécurité et cyberdéfense

An academic examination of how artificial intelligence reshapes cybersecurity and cyberdefence — opportunities, threats and strategic implications — by France's most prolific cyberwar scholar.