The Best Security Books to have in your library

GIAC Advisory Board

What are the best security books to have in your library? To find out, SANS polled the GIAC Advisory Board. Students that scored over 90 on their GIAC certification exams were invited to join the Advisory Board. Their answers are shown below. The ones in bullet point received multiple votes.

SECURITY BOOKS

• The Art of War for Security Managers - Scott A. Watson

• Beyond Fear - Bruce Schneier

• Botnets: The Killer Web App - Schiller, Binkly et al

• Counter Hack Reloaded: A Step-by Step Guide to Computer Attacks and Effective Defenses (2nd Edition) - Edward Skoudis and Tom Liston

• Extrusion Detection - Richard Bejtlich

• Google Hacking for Penetration Testers, Vol. 1 - Long, Skoudis, Eijkelenborg

• Gray Hat Hacking: The Ethical Hacker's Handbook - Harris, Harper, Eagle, Ness, Lester

• Hacker's Challenge I, II, III Series - Schiffman, Pennington, Pollio, O'Donnell

• The Hacker's Handbook: The Strategy Behind Breaking Into and Defending Networks - Susan Young and Dave Aitel

• Hacking Exposed-VOIP - David Endler and Mark Collier

• Hacking: The Art of Exploitation - Jon Erickson

• Inside Network Perimeter Security - Stephen Northcutt and Judy Novak

• Internet Forensics - Robert Jones

• Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research - James Foster

• The Oracle Hacker's Handbook: Hacking and Defending Oracle - David Litchfield

• Network Intrusion Detection, 3rd Edition - Stephen Northcutt and Judy Novak

• Professional Pen Testing for Web Applications - Andres Andre

• RailsSpace: Building a Social Networking Website with Ruby on Rails - Michael Hartl and Aurelius Prochazka

• Real Digital Forensics: Computer Security and Incident Response - Jones, Bejtlich, Rose

• Reversing: Secrets of Reverse Engineering - Eldad Eilam

• Secrets and Lies - Bruce Schneier

• Security Data Visualization Graphical Techniques for Network Analysis - Greg Conti

• Security Metrics: Replacing Fear, Uncertainty, and Doubt - Andrew Jacquith

• Security Warrior - Anton Chuvakin

• Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures - Peter Thermos and Ari Takanen

• The Shellcoder's Handbook, 2nd Edition - Chris Anley

• Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks - Michal Zalewski

• The Tao of Network Security Monitoring: Beyond Intrusion Detection - Richard Bejtlich

• The TCP/IP Guide - Charles M. Kozierok (No Starch Press)

• The Web Application Hacker's Handbook - Dafydd Stuttard and Marcus Pinto

• Wi-Foo: The Secrets of Wireless Hacking (and Wi-Foo, 2nd edition) - Andrew Vladimirov, Konstantin V. Gavrilenko, Andrei A. Mikhailovsky

• 802.11 Wireless Networks: The Definitive Guide (Second Edition) - Matthew S. Gast. ISBN 0-596-10052-3