Cybersecurity Resources
These recommendations are highly rated and often discussed in their space. Pick what you need from each category, or simply stick to one category to start with. You aren't expected to know everything about security, but having a passing familiarity, especially if you are a leader, can't hurt.
Table of Contents
Applications, Code, and Cryptography
All about applications, coding, scripting, and cryptography.
Cybersecurity Management
Everything you need to effectively manage your cybersecurity program.
Cybersecurity Awareness and Social Engineering
Security awareness, phishing simulations, privacy, and social engineering.
Governance, Risk, and Compliance
Regulatory requirements and efforts with governance, risk, and compliance.
Operating Systems, Infrastructure, and Networking
Endpoints, operating systems, servers, network infrastructure, and more.
Pentesting, Incident Response, and Analysis
Penetration testing, code assessments, tabletops, incident response planning, and incident analysis.
Applications, Code, and Cryptography
All about applications, coding, scripting, and cryptography.
Applications
Hacking: The Art of Exploitation book by Jon Erickson
The Shellcoder’s Handbook book by Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte
The Web Application Hacker’s Handbook book by Dafydd Stuttard, Marcus Pinto
Cryptography
The Code Book book by Simon Singh
Cryptography Engineering book by Niels Ferguson
Cybersecurity Management
Everything you need to effectively manage your cybersecurity program.
Building a Comprehensive IT Security Program book by Jeremy Wittkop
Liars & Outliers book by Bruce Schneier
Secrets and Lies book by Bruce Schneier
Security Engineering book by Ross Anderson
Threat Modeling book by Adam Shostack
Cybersecurity Awareness and Social Engineering
Security awareness, phishing simulations, privacy, and social engineering.
Social Engineering
Ghost in the Wires book by Kevin Mitnick
The Art of Deception book by Kevin Mitnick
No-Tech Hacking book by Johnny Long
Social Engineering book by Christopher Hadnagy
Governance, Risk, and Compliance
Regulatory requirements and efforts with governance, risk, and compliance.
HIPAA
A Concise Guide to HIPAA, HITECH and the Omnibus Rule: Making your Office Compliant book by Raymond Calore
Surviving a HIPAA Audit: Jump Start Guide book by Dave Sweigert
HIPAA Omnibus Rules Simplified - The HIPAA made EASY Approach to Privacy and Security Compliance for The Healthcare Facility book by HIPAA Made Easy
PCI
PCI DSS 3.2 – A Comprehensive Understanding to Effectively Achieve PCI DSS Compliance book by Haseen Usman Ahmed
PCI Compliance, Version 3.2: The Latest on PCI DSS Compliance book by Branden Williams
NIMS
NIMS Incident Command System Field Guide book by Informed
Operating Systems, Infrastructure, and Networking
Endpoints, operating systems, servers, network infrastructure, and more.
Operating Systems
The Linux Command Line book by William Shotts Jr.
Networking
TCP/IP Guide book by Charles Kozierok
Pentesting, Incident Response, and Analysis
Penetration testing, code assessments, tabletops, incident response planning, and incident analysis.
Penetration Testing
Red Team Field Manual book by Ben Clark
The Basics of Hacking and Penetration Testing book by Patrick Engebretson
Unauthorised Access book by Wil Allsopp
Incident Response
Blue Team Field Manual book by Alan White and Ben Clark
Blue Team Handbook: Incident Response Edition book by Don Murdoch
The Art of Memory Forensics book by Michael Ligh, Andrew Case, Jamie Levy, and Aaron Walters
Malware Analysis
Malware Analyst’s Cookbook and DVD book by Michael Ligh, Steven Adair, Blake Hartstein, and Matthew Richard
Practical Reverse Engineering book by Bruce Dang