6.14.2021

Book Reviews - "Defensive Security Handbook" and "Practical Cloud Security"

To brush back up on security and learn new things that have become the standard in the past five years or so, I've bought a stack of books I'm working my way through.  The first two I decided to start with are "Defensive Security Handbook" by Brotherston and Berlin and "Practical Cloud Security" by Dotson.

"Defensive Security Handbook" built nicely upon what I already knew from doing security as a sysadmin and what was taught in the Security+ study materials.  It's basically a crash-course in how to set up good security policies and procedures if you're a sysadmin or something similar who has been handed a whole environment and been told "oh, by the way, we think this was secure, but you need to make sure and you need to bring the security up to date."  Needless to say, I wish I'd had this book when I was at All-Spec, but it came out long after I'd left there.  If you find yourself in a similar situation, or just want to make sure your security is right, or are trying to make the move from the infrastructure side of IT to the security side, I highly recommend this book.  I finished it in a week or so, and enjoyed it.  The writing is engaging as well as informative.  The book isn't meant to be a comprehensive security book, just a starting point with suggestions on where to go beyond what's covered in the book.  5/5

"Practical Cloud Security", conversely, was a slog.  The problem might be the fact that I have very little hands-on experience with cloud, but I kept finding myself getting bored by this book, and I'm not sure I retained much of the information I read.  It's definitely geared for someone facing a move to a cloud environment, or starting a position with a company that has a cloud environment, who's going "now what?".  I do like that for any specific cloud security features, the name of each feature in each cloud environment was listed.  I'll reserve judgement on the book for now, and just give it a 3/5.

Next up on the menu will be "Violent Python" and "Applied Incident Response".  Happy hacking.
