We modeled the Cybersecurity Canon after the Baseball or Rock & Roll Hall-of-Fame, except for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to increase the number to be much more than that. Please write a review and nominate your favorite.
The Cybersecurity Canon is a real thing for our community. We have designed it so that you can directly participate in the process. Please do so!
Book Review by Canon Committee Member, Steve Winterfeld: Hacking Exposed Series (1999) by McGraw-Hill Education
There are not a lot of technical books that meet the definition of “timeless, genuinely represents an aspect of the community that is true and precise, reflects the highest quality and, if not read, will leave a hole in the cybersecurity professional’s education that will make the practitioner incomplete,” but the Hacking Exposed series does. It started in 1999, has sold almost 1 million copies, and has been translated into almost 30 languages.
The Hacking Exposed series belongs in the Cybersecurity Canon under the technical category as well as history. It is hard to protect your network without understanding the tools and methodologies the hackers, cyber criminals and advanced persistent threats use. This series allows security professionals to quickly educate themselves or look up answers to questions about incidents.
It had to have been a dark and stormy night when Stuart McClure sat down to write Hacking Exposed. The book is designed to give the novice practitioner the framework to build the basic skills needed to become a cybersecurity professional as well as provide reference on specific techniques for the experienced professional. The basic book is broken into four parts – 1) Casing the establishment, 2) Endpoint and server hacking, 3) Infrastructure hacking, and 4) Application and data hacking.
There are several books in the series (most having updated versions) to meet just about every functional or infrastructure need:
It is vital for cybersecurity professionals to understand how the threat works and what tools and techniques they use. These books are very hands on with sample code, visuals depicting how to use tools, plus features like threat vector maps and a countermeasures cookbook. They are designed to provide practical how-to advice on what to do. They show how to use many of the same tools the threat uses to protect your systems.
Bottom line: This series is mandatory reading if you want to understand what is happening at a technical level.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.