Thursday, March 31, 2011

Review of Computer Incident Response and Product Security Posted just published my three star review of Computer Incident Response and Product Security by Damir Rajnovic. From the review:

When I first learned that Cisco Press was publishing a book about product security (Computer Incident Response and Product Security, or CIRAPS), I was excited to see what they might create. Cisco's Product Security Incident Response Team (PSIRT) is one of the best in the industry, with a long history and mature processes. Furthermore, no published book currently provides extensive coverage for companies trying to design, build, and run their own PSIRT. Rather than focusing on this topic and thoroughly examining it, however, CIRAPS spends only 100 pages out of a 215 page book talking about PSIRT issues. While there are parts of CIRAPS that I found interesting, I don't think they justify reading the whole book.


Anonymous said...

I just wanted to drop a comment that I really enjoy your reviews. You're concise. You give specific examples (which helps illustrate that you've actually read the material, which some reviews leave me questioning...). You always justify and mention the stars you've awarded. You give an idea of where the book is positioned or for what audience, either overtly or based on what people like me know of your background/skillset. And all without going into the "too long, didn't read" zone. I really appreciate it!


dre said...

I'd appreciate it if you would highlight the areas of the book that you felt were interesting.

I spent at least an hour digging for gems in this book, but couldn't find a single one.