Must-read books for 2014 on information security and programming

    While the whole country prepares for a new economic crisis, frantically buying up all kinds of goods, groceries and real estate, we invite everyone to work on self-development and invest in themselves. After all, the buckwheat and pasta will soon be eaten, but you can earn more food by investing time in self-education. In difficult times, as you know, it pays to be versatile, undemanding and healthy. We may talk about the last two qualities separately; for now, we will go through a selection of the most interesting literature on information security and programming published in 2014.


    Hacker Playbook: Practical Guide To Penetration Testing

    The book is written in the style of planning a football game. It walks step by step through the problems and difficulties that security experts encounter when testing security systems. In particular, it covers attacks on various types of networks, antivirus bypasses and the hacking of security systems. The author, Peter Kim, is an IT security specialist with many years of experience and the CEO of Secure Planet.

    The Art of Memory Analysis: Detecting Malware and Threats in Windows, Linux, and Mac Memory (The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory)

    As you might guess, the book is devoted to the analysis of RAM in order to prevent and investigate cybercrime. The text is based on a 5-day workshop program taught by the authors. Moreover, this is one of the few books devoted to the topic. It covers the following:
    • How volatile memory analysis helps investigate cybercrime
    • Procedure for detecting hidden malware and complex threats
    • Using open-source tools for discovery and analysis
    • How to protect computer memory from potential threats

    Cyber Threat Response Guide (Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder)

    The book is a collection of instructions and recommendations for responding to information security incidents. It describes common attack methods, software tools, network analysis methodology, examples of using tcpdump and Snort IDS, and many other topics. For the most part, the content reflects the authors' experience in teaching and working in the field of network security.

    Cybersecurity for Executives: A Practical Guide

    This book will help business owners and managers make well-informed decisions to ensure the information security of their business. It explains briefly and accessibly how to recognize, understand, evaluate and mitigate the risks associated with information security. The book also touches on planning measures to restore and develop a business in the event of an attack, and gives recommendations on integrating security measures into the company's development strategy and on changing the company and personnel management system. It also describes the most effective ways to safeguard important information held by management in the office and at home.

    Social Engineering: The Human Factor and Security (Unmasking the Social Engineer: The Human Element of Security)

    This publication is dedicated to the scientific approach to non-verbal communication in social engineering, which helps to identify fraudsters and crooks trying to gain trust and establish closer relationships in order to circumvent existing security systems. It describes how such attacks are built and how to recognize them. Visual analogies are drawn to connect non-verbal communication with social engineering and fraud. The book describes various "dirty" tricks used by scammers and gives recommendations on what to pay attention to first.

    Bulletproof SSL and TLS: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications

    The book details the SSL and TLS encryption used on servers and in various web projects. In effect, it is an exhaustive guide to protecting your systems from interception of information and from attacks carried out under the guise of an authorized user. It covers the theory, the implementation details of the encryption protocols, their characteristic vulnerabilities, and advice on deploying data encryption systems.

    Reversing in practice: x86, x64, ARM, the Windows kernel, utilities and obfuscation (Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation)

    Hackers can use reverse engineering to detect vulnerabilities in systems. The book covers the specifics of reverse engineering on the x86, x64 and ARM architectures. It also considers technologies for protecting virtual machines, the use of rootkits, and step-by-step analysis of Windows kernel drivers. The last topic, incidentally, is rarely covered in the literature. The book is valuable for its systematic presentation of the material, with a large number of practical examples and exercises for independent work. A bonus chapter discusses reversing tools.

    Java Armadillo: Building Secure Web Applications (Iron-Clad Java: Building Secure Web Applications)

    The book addresses issues such as:
    • secure authentication and session management,
    • building a tight access control system in multi-user web applications,
    • countering cross-site scripting, cross-site request forgery and clickjacking,
    • protecting important data during storage and transmission,
    • preventing code injection attacks, including SQL injection,
    • securing file I/O and download operations,
    • using logging, error handling and intrusion detection methods.

    Creating the Cloud Infrastructure Security Infrastructure (Building the Infrastructure for Cloud Security: A Solutions View (Expert's Voice in Internet Security))

    The boom in cloud services has brought with it numerous security challenges. The book is intended to explain the fundamentals of the technologies needed to create secure cloud services. It also talks about the problems and challenges organizations face when moving mission-critical applications to the cloud.


    A smart way to learn JavaScript (A Smarter Way to Learn JavaScript: The new approach that uses technology to cut your effort in half)

    The author was spurred to write this book by dissatisfaction with the JavaScript textbooks on sale. He set himself the goal of presenting the material in simpler, more accessible, more intelligible and more human language, and not remotely technical.

    Manual of the life of the application developer (Soft Skills: The software developer's life manual)

    This is a book of advice on leading a balanced life as a technical professional. The author shares tips with developers in areas such as career and productivity, personal finance and investment, and even fitness and personal relationships. The material is presented in a humorous style. Structurally, the book consists of 71 short chapters, each ending with specific steps for getting results quickly.

    Creating Arcade Games in Python and using Pygame (Program Arcade Games: With Python and Pygame)

    The title of this book speaks for itself, and there is nothing special to add. It is a practical guide that discusses the various aspects and stages of creating arcade games in Python using the Pygame library.

    Learning C Programming in One Day (C Programming Success in a Day: Beginners' Guide To Fast, Easy and Efficient Learning of C Programming)

    This is a step-by-step tutorial on C programming for beginners, for those who are just taking their first steps in programming. Of course, it will not take you to the heights of mastery, but if you have not yet decided which language you would like to learn first, then pay attention to this book.

    Game Programming Patterns

    One of the main difficulties that many developers face is actually finishing their game. Many projects fail because of the excessive complexity of their own code. This book collects, in the form of separate "recipes", various patterns that will help you untangle and optimize your game.

    Game development with Python (Game Development with Python)

    Do you have a great idea for a game, but lack the skills and knowledge to implement it? Do you want to learn professional approaches to game development? Want to create games using physics and artificial intelligence? Then this book is for you. Here you will find not only theory, but also dozens of code examples and exercises to consolidate the material covered. The author chose Python, but the language is not that important; the approach to game development matters much more.

    UX Planning for Device Ecosystem Applications (Designing Multi-Device Experiences: An Ecosystem Approach to User Experiences across Devices)

    Today, one application can often be used on a variety of devices: smartphone, tablet, laptop, TV and so on. This book demonstrates the different types of logical interconnectedness of all these devices. You’ll learn how to create applications designed for the device ecosystem using different approaches. You will understand that instead of offering everything at once on all possible devices, it is better to choose the best for each type of gadget. Learn how to measure the performance of your device ecosystem, and more.

    JavaScript and JQuery: Interactive Front-End Web Development

    With the help of this book you will:
    • learn basic programming concepts,
    • get to know the main elements of the JavaScript language and be able to write your own scripts,
    • take the first steps in using jQuery, which helps simplify the scripting process,
    • learn how to reproduce on your own the elements and mechanics seen on other sites, such as scrolling, data filters, forms, updating content using Ajax, etc.

    What programming or information security books published in 2014 can you recommend? What have you read, what are you reading or planning to read, and what has someone recommended to you?

    And if you are not a fan of reading, are afraid of ruining your eyesight, or fall asleep the moment you open a book, then our Department of Research and Education has a regularly updated YouTube channel, which contains many lectures on programming, algorithms, databases, security, product management and other relevant topics.
