My 2007 and 2006 winners are posted too. Although I've been reviewing books seriously since 2000 and blogging since 2003, I only started listing my favorite books in 2006.
I did not spend enough time "hanging in the sky" (to quote John Denver) reading a book, and too much of my day job spilled into my evening reading hours. I prefer to avoid long-haul air travel, so I don't expect to read more on planes in 2009. Regarding work-life balance, I have more help at work for detection and response duties. We'll see how 2009 fares with respect to reading overall.
My ratings for 2008 can be summarized as follows:
- 5 stars: 7 books
- 4 stars: 8 books
- 3 stars: 4 books
- 2 stars: 1 book
- 1 star: 0 books
Here's my overall ranking of the five star reviews; this means all of the following are excellent books.
- 7. Beginning Perl, 2nd Ed by James Lee. Lee's book is excellent from start to finish. I found his explanations very clear and his writing style lively. He covered just about everything I hoped to read in a book of roughly 400 pages.
- 6. OSSEC HIDS by Rory Bray, Daniel Cid and Andrew Hay. I have to congratulate the author team for OHG. Writing a book for Syngress with many contributors is usually a recipe for disaster. OHG features three lead authors, four contributors, and one foreword author -- and they don't step on each others' toes.
- 5. Virtual Honeypots: From Botnet Tracking to Intrusion Detection by Niels Provos and Thorsten Holz. If you are at all interested in potentially deceiving intruders, buy and read Virtual Honeypots. You'll learn about more than VMware (QEMU, UML, etc.) as well as numerous open source tools you can download and try for free.
- 4. Googling Security: How Much Does Google Know About You? by Greg Conti. There's no question that Greg Conti writes excellent books. Last year's Security Data Visualization book earned 5 stars, and I put Googling Security in the same league. Conti takes a thorough and methodical look at the privacy consequences of Google's services, incorporating technical realities and thoughtful analysis.
- 3. Nmap Network Scanning by Gordon "Fyodor" Lyon. If you are looking for *the* book on Nmap, the search is over: NNS is a winner.
- 2. Applied Security Visualization by Raffy Marty. I think ASV is a great book on security visualization, but it will also help general security practitioners.
And, the winner of the Best Book Bejtlich Read in 2008 award is...
1. Malware Forensics: Investigating and Analyzing Malicious Code by Cameron H. Malin, Eoghan Casey, and James M. Aquilina. Malware Forensics is an awesome book. Last year Syngress published Harlan Carvey's 5-star Windows Forensic Analysis, and now we get to enjoy this new title. I should disclose that I co-wrote a forensics book with Curtis Rose, and I just delivered a guest lecture in a class taught by Eoghan Casey. However, I still call books as I see them, regardless of the author.
I can confidently say that anyone interested in learning how to analyze malware, or perform incident response, will benefit from reading Malware Forensics. The authors even maintain a Web site -- malwareforensics.com -- to support the book.
Looking at the publisher count, top honors in 2008 go to Addison-Wesley for 3 titles, followed by Syngress with 2, and finally Apress and a self-published title, each with one. Thank you to all publishers who sent me books in 2008. I have plenty more to read in 2009.
Richard Bejtlich is teaching new classes in DC and Europe in 2009. Register by 1 Jan and 1 Feb, respectively, for the best rates.