Open Access Books

Continuous learning is key for cyber security.

Learning new cyber security techniques, vulnerabilities or protection measures does not have to be boring and expensive.

The best security professionals share their knowledge under an open access license. So besides checking OWASP, use and reuse the quality open access cyber security resources listed here.

Cryptography

  • A modern practical book about cryptography for developers with code examples. Practical Cryptography for Developers: https://cryptobook.nakov.com/

  • The Joy of Cryptography is a free undergraduate textbook that introduces students to the fundamentals of provable security. It has a lot of math, but this is crucial to really understand crypto. Created by Mike Rosulek, a cryptographer and associate professor in the School of EECS at Oregon State University. Check: https://joyofcryptography.com/

  • A Graduate Course in Applied Cryptography, by Dan Boneh and Victor Shoup. Download in PDF

DDoS Quick Guide

A great guide with a simple but good overview of all DDoS methods and possible protection methods.

Download the DDoS quick guide

IoT Security Reference Architecture for the Healthcare Industry

A growing number of health-related IoT devices are currently available in the marketplace, each incorporating different aspects of the reference architectures explored in this document. Before standard solutions are available, health device developers, OEMs and IT managers should be able to identify the primary IoT and security management needs for their IoT for health solutions by using this reference architecture in conjunction with suitable risk assessment.

Read this Reference Architecture

Guide to data protection

This guide is for those who have day-to-day responsibility for data protection. It explains the purpose and effect of each principle, gives practical examples and answers frequently asked questions. Check: Guide to Data Protection

Information Security Guide: Effective Practices and Solutions for Higher Education

A great guide that explains all information security topics, with measurements included, tailored for education institutes. The Information Security Guide is mapped to several popular standards, including ISO/IEC 27002:2013, NIST, HIPAA, COBIT, PCI DSS, and the US federal Cybersecurity Frameworks. There are currently 17 chapters on information security, privacy, identity and access management, governance, risk, and compliance.

Check https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-program/resources/information-security-guide

Low-Level Software Security for Compiler Developers

With software security becoming even more important in recent years, it is no surprise to see an ever-increasing variety of security hardening features and mitigations against vulnerabilities implemented in compilers. This book aims to help developers of code generation tools such as JITs, compilers, linkers and assemblers to overcome this.

Link to Low-Level Software Security for Compiler Developers

Malware Reverse Engineering Handbook

This handbook by CCDCOE Technology Branch researchers gives an overview of how to analyse malware executables that target the Windows platform. The authors present the most common techniques used in malware investigation, including setting up a lab environment, network analysis, behavioural analysis, and static and dynamic code analysis. The reader will become familiar with disassemblers, debuggers, sandboxes, and system and network monitoring tools. Incident response and collaboration tools are also introduced.

Book landing page: https://ccdcoe.org/library/publications/malware-reverse-engineering-handbook/

Direct PDF link: https://ccdcoe.org/uploads/2020/07/Malware_Reverse_Engineering_Handbook.pdf

Pentester's Promiscuous Notebook (PPN)

A GitBook for learning hands-on techniques from a practitioner.

Repository on GitHub

Programming Differential Privacy

Programming Differential Privacy: a book about differential privacy, for programmers. A great open book on this important security topic. Programming Differential Privacy uses examples and Python code to explain the ideas behind differential privacy. The book is suitable for undergraduate students in computer science, and no theory background is expected.

Programming Differential Privacy is executable: it uses JupyterBook, the same Sphinx-based Jupyter tool chain as this Security Architecture book. Each chapter is actually generated from Python code. Programming Differential Privacy is a living, open-source book. Link to the GitHub repository.

Link to the book website: https://programming-dp.com/index.html

To read the online HTML version directly, click here.