Must-read books for 2014 on information security and programming
While the whole country is preparing for a new economic crisis, frantically buying all sorts of goods, products and real estate, we offer everyone to do self-development, to invest in themselves. After all, buckwheat with macaroni will soon be eaten, but you can earn new grubs by investing time in self-education. You understand that in difficult times it is beneficial to be universal, unpretentious and not ill. We may talk about the last two qualities separately, but now let's discuss the range of the most interesting literature on information security and programming, published in 2014.
The book is written in the style of planning a football game. Here, the problems and difficulties that security experts face while testing protection systems are described in detail and step by step. In particular, attacks on various types of networks, bypassing antiviruses and hacking security systems are considered. The author of the book is Peter Kim, IT security specialist with many years of experience, the CEO of Secure Planet.
')
As it is not difficult to guess, the book is devoted to the analysis of RAM in order to prevent and investigate cybercrime. The text is based on the program of the 5-day master class, which is taught by the authors. And this is one of the few books dedicated to this subject. Here are the following topics:
The book is a collection of instructions and recommendations for responding to information security-related incidents. It describes common attack methods, software tools, network analysis methodology, examples of using tcpdump and Snort IDS, as well as many other issues. Basically, the content of the book reflects the experience of authors with teaching and working experience in the field of network security.
This book will help business owners and managers to make well-informed decisions to ensure the information security of their business. Here is available and briefly described how to recognize, understand, evaluate and mitigate the risks associated with information security. The book also touches upon such topics as planning measures for restoring and developing a business in the event of an attack; recommendations are given to integrate security measures into the company's development strategy and to change the management system of the company and personnel. Also describes the most effective ways to ensure the safety of important information available to management, in the office and at home.
This edition is devoted to the scientific approach to non-verbal communication in social engineering, which helps to recognize fraudsters and crooks who are trying to get into trust and build closer relations in order to circumvent the existing security systems. It describes how to build such attacks and how to recognize them. Visual analogies for the communication of non-verbal communication with social engineering and fraud have been made. Various "dirty" tricks used by fraudsters are described, recommendations are given that you should pay attention to first.
It details how to encrypt SSL and TLS, used on servers and in various web projects. In fact, this is a comprehensive guide to ensure that your systems are protected from information interception and attacks under the guise of an authorized user. Here you will find all sorts of materials on the theory, details of the implementation of encryption protocols, typical vulnerabilities, and tips on how to deploy data encryption systems.
Hackers can use reverse to detect system vulnerabilities. The book tells about the features of reverse engineering in x86, x64 and ARM architectures. The technologies for protecting virtual machines, as well as the use of rootkits and step-by-step analysis of the Windows kernel drivers are considered. The last question, by the way, is rarely covered in the literature. The book is valuable for its systematic presentation of the material, with a large number of practical examples and independent tasks. The bonus chapter also discusses tools for reversing.
The book addresses such issues as:
The cloud services boom brought with it numerous problems with ensuring their security. The book aims to highlight the fundamentals of the technologies needed to create secure cloud services. It also discusses the challenges and challenges that organizations face when migrating mission-critical applications to the cloud.
The author was dissatisfied with the JavaScript training literature presented on the market for writing this book. He set as his goal to submit the material in a simpler, more accessible, more intelligible, more human language, and not suspended technical.
This is a kind of recommendation book on harmonious life as a professional technician. The author shares with the developers tips in such areas as career and productivity, personal finances and investments, and even fitness and personal relationships. The material is submitted in a playful style, the book consists of 71 short chapters structurally, at the end of each of them concrete steps are written to achieve an early result.
Actually, this book speaks the title, there is nothing special to add here. This is a practical guide that discusses various aspects and stages of creating games in the genre of "arcade" in Python using Pygame libraries.
This is a step-by-step tutorial on C programming for beginners, for those who are just taking the first steps in programming. Of course, she will not teach you the heights of skill, but if you have not yet decided which language you would like to learn first, then pay attention to this book.
One of the main difficulties many developers face is the completion of the game. Many projects fail due to excessive complexity of their own code. In this book, in the form of separate "recipes" are collected various templates that will help "unravel" and optimize your game.
Do you have a great idea for the game, but do not have enough skills and knowledge to implement it? Do you want to learn professional approaches to game development? Want to create games using physics and artificial intelligence? Then this book is for you. Here you will find not only the theory, but also dozens of examples of code and tasks to consolidate the material studied. Despite the fact that the author chose the language of Python, it is not so important, because the approach to the development of games is more important.
Today, one application can often be used on a variety of devices: a smartphone, tablet, laptop, TV, and so on. This book demonstrates the different kinds of logical interconnection of all these devices. You will learn how to create applications designed for the ecosystem of devices using different approaches. Understand that instead of offering everything at once on all possible devices, it is better to choose the best for each type of gadgets. Learn how to measure the performance of your ecosystem of devices, and more.
With this book you will:
What books on programming or information security, published in 2014, can you recommend? What did you read, read, are you going to read, someone advised?
And if you are not a fan of reading, are afraid to blind completely, or you are instantly feeling sleepy from a book, then our research and education department has a regularly updated youtube channel , where you can find many lectures on programming, algorithms, databases, security, product management and other relevant topics.
Security
Hacker Tactics: A Practical Guide to Penetration Testing (The Hacker Playbook: A Practical Guide To Penetration Testing)
The book is written in the style of planning a football game. Here, the problems and difficulties that security experts face while testing protection systems are described in detail and step by step. In particular, attacks on various types of networks, bypassing antiviruses and hacking security systems are considered. The author of the book is Peter Kim, IT security specialist with many years of experience, the CEO of Secure Planet.
The Art of Memory Analysis: Detecting Malware and Threats in Windows, Linux, and Mac (Detection of Malware and Threats in Windows, Linux and Mac)
')
As it is not difficult to guess, the book is devoted to the analysis of RAM in order to prevent and investigate cybercrime. The text is based on the program of the 5-day master class, which is taught by the authors. And this is one of the few books dedicated to this subject. Here are the following topics:
- How analysis of volatile memory contributes to cybercrime investigation
- Procedure for detecting hidden malware and integrated threats
- Using opensource-tools for detection and analysis
- How to protect computer memory from potential threats
Instructions for responding to cyber threats (Blue Team Handbook: Incident Responder: A condensed field guide)
The book is a collection of instructions and recommendations for responding to information security-related incidents. It describes common attack methods, software tools, network analysis methodology, examples of using tcpdump and Snort IDS, as well as many other issues. Basically, the content of the book reflects the experience of authors with teaching and working experience in the field of network security.
Cybersecurity Practices Guide for Executives (Cybersecurity for Executives: A Practical Guide)
This book will help business owners and managers to make well-informed decisions to ensure the information security of their business. Here is available and briefly described how to recognize, understand, evaluate and mitigate the risks associated with information security. The book also touches upon such topics as planning measures for restoring and developing a business in the event of an attack; recommendations are given to integrate security measures into the company's development strategy and to change the management system of the company and personnel. Also describes the most effective ways to ensure the safety of important information available to management, in the office and at home.
Social Engineering: Human Factors and Security (Unmasking the Social Engineer: The Human Element of Security)
This edition is devoted to the scientific approach to non-verbal communication in social engineering, which helps to recognize fraudsters and crooks who are trying to get into trust and build closer relations in order to circumvent the existing security systems. It describes how to build such attacks and how to recognize them. Visual analogies for the communication of non-verbal communication with social engineering and fraud have been made. Various "dirty" tricks used by fraudsters are described, recommendations are given that you should pay attention to first.
Bulletproof SSL and TLS: Deploying SSL / TLS and PKI on servers and in web applications (Bulletproof SSL and TLS: Understanding and Deploying SSL / TLS and Secure Servers and Web Applications)
It details how to encrypt SSL and TLS, used on servers and in various web projects. In fact, this is a comprehensive guide to ensure that your systems are protected from information interception and attacks under the guise of an authorized user. Here you will find all sorts of materials on the theory, details of the implementation of encryption protocols, typical vulnerabilities, and tips on how to deploy data encryption systems.
Practical Reverse Engineering: x86, x64, ARM, Windows kernel, utilities and obfuscation (Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation)
Hackers can use reverse to detect system vulnerabilities. The book tells about the features of reverse engineering in x86, x64 and ARM architectures. The technologies for protecting virtual machines, as well as the use of rootkits and step-by-step analysis of the Windows kernel drivers are considered. The last question, by the way, is rarely covered in the literature. The book is valuable for its systematic presentation of the material, with a large number of practical examples and independent tasks. The bonus chapter also discusses tools for reversing.
Java Battleship: Building Secure Web Applications (Iron-Clad Java: Building Secure Web Applications)
The book addresses such issues as:
- secure authentication and session management
- creating a system of tight access control in multi-user web applications,
- counteraction to cross-site scripting, cross-site request forgery and clickjacking
- protection of important data during storage and shipment,
- prevention of attacks using code injection, including SQL,
- securing file I / O operations and loading
- logging, error handling, intrusion detection methods
Creating a security infrastructure for a cloud project (Building the Infrastructure for Cloud Security: A Solutions View (Expert’s Voice in Internet Security))
The cloud services boom brought with it numerous problems with ensuring their security. The book aims to highlight the fundamentals of the technologies needed to create secure cloud services. It also discusses the challenges and challenges that organizations face when migrating mission-critical applications to the cloud.
Programming
A smart way to learn javascript (Smarter Way to Learn JavaScript)
The author was dissatisfied with the JavaScript training literature presented on the market for writing this book. He set as his goal to submit the material in a simpler, more accessible, more intelligible, more human language, and not suspended technical.
The manual developer's life (Soft Skills: The software developer's life manual)
This is a kind of recommendation book on harmonious life as a professional technician. The author shares with the developers tips in such areas as career and productivity, personal finances and investments, and even fitness and personal relationships. The material is submitted in a playful style, the book consists of 71 short chapters structurally, at the end of each of them concrete steps are written to achieve an early result.
Creating arcade games in Python and using Pygame (Program Arcade Games: With Python and Pygame)
Actually, this book speaks the title, there is nothing special to add here. This is a practical guide that discusses various aspects and stages of creating games in the genre of "arcade" in Python using Pygame libraries.
Learning C Programming in One Day (C Programming Success for a Day: Beginners' Guide To C Programming)
This is a step-by-step tutorial on C programming for beginners, for those who are just taking the first steps in programming. Of course, she will not teach you the heights of skill, but if you have not yet decided which language you would like to learn first, then pay attention to this book.
Game Programming Patterns
One of the main difficulties many developers face is the completion of the game. Many projects fail due to excessive complexity of their own code. In this book, in the form of separate "recipes" are collected various templates that will help "unravel" and optimize your game.
Game Development with Python
Do you have a great idea for the game, but do not have enough skills and knowledge to implement it? Do you want to learn professional approaches to game development? Want to create games using physics and artificial intelligence? Then this book is for you. Here you will find not only the theory, but also dozens of examples of code and tasks to consolidate the material studied. Despite the fact that the author chose the language of Python, it is not so important, because the approach to the development of games is more important.
Planning UX in applications for the device ecosystem (Designing Multi-Device Experiences: An Approach to User Experiences across Devices)
Today, one application can often be used on a variety of devices: a smartphone, tablet, laptop, TV, and so on. This book demonstrates the different kinds of logical interconnection of all these devices. You will learn how to create applications designed for the ecosystem of devices using different approaches. Understand that instead of offering everything at once on all possible devices, it is better to choose the best for each type of gadgets. Learn how to measure the performance of your ecosystem of devices, and more.
JavaScript and JQuery: Interactive Front-End Web Development (JavaScript and JQuery: Interactive Front-End Web Development)
With this book you will:
- learn basic programming concepts
- get information about the main elements of the JavaScript language and can write your own scripts,
- take the first steps in using jQuery, which helps simplify the process of writing scripts,
- You will learn how to independently repeat elements and mechanics peeped on other sites, such as scrolling, data filters, forms, content updates using Ajax, etc.
What books on programming or information security, published in 2014, can you recommend? What did you read, read, are you going to read, someone advised?
And if you are not a fan of reading, are afraid to blind completely, or you are instantly feeling sleepy from a book, then our research and education department has a regularly updated youtube channel , where you can find many lectures on programming, algorithms, databases, security, product management and other relevant topics.
Source: https://habr.com/ru/post/248733/
All Articles