Best Book Bejtlich Read in 2011

It's time to name the winner of the Best Book Bejtlich Read award for 2011!

I've been reading and reviewing digital security books seriously since 2000. This is the 6th time I've formally announced a winner; see my bestbook label for previous winners.

Compared to 2010 (31 books), 2011 saw a decrease to 22 books. Remember all reading is neither equal nor fast. When I review a book, I am sure to read it and not just skim it. For 10 books last year, I chose not to read them but to instead post impressions. Posts called "impressions" provide my sense of the book but I do not publish them in my Amazon.com reviews.

My ratings for 2011 can be summarized as follows:

  • 5 stars: 10 books

  • 4 stars: 7 books

  • 3 stars: 4 books

  • 2 stars: 1 book

  • 1 stars: 0 books

Please remember that I try to avoid reading bad books. If I read a book and I give it a lower rating (generally 3 or less stars), it's because I had higher hopes.

Here's my overall ranking of the five star reviews; this means all of the following are excellent books. The links point to my reviews. And, the winner of the Best Book Bejtlich Read in 2011 award is...

  • Hacking: The Art of Exploitation, 2nd Ed by Jon Erickson; No Starch. My review said in part:

    Jon Erickson's Hacking, 2nd Ed (H2E) is one of the most remarkable books in the group I just read. H2E is in some senses amazing because the author takes the reader on a journey through programming, exploitation, shellcode, and so forth, yet helps the reader climb each mountain. While the material is sufficiently technical to scare some readers away, those that remain will definitely learn more about the craft.

Looking at publishers, for the first year I can remember no publisher won more than one title. No Starch breaks the string of 3 straight previous BBBR victories held by Syngress.

Thank you to all publishers who sent me books in 2011. I have plenty more to read in 2012.

Congratulations to all the authors who wrote great books in 2011, and who are publishing titles in 2012!

Comments

bryan said…
Thanks for the book recommendations, as a new information assurance graduate I have purchased a lot of books you have reviewed or mentioned in attempt to bridge the gap between my college education and reality. So far it seems to be working. Keep an eye out for my future resume.
3:57 PM
Anonymous said…
I guess it should read "My ratings for 2011" instead of "2010" :-) ?

Michael
2:02 AM
Richard Bejtlich said…
Michael -- thanks, fixed!
9:09 AM
Don Clifton said…
Richard,

I totally agree with the choice and my close second was the Malware Analyst's Cookbook.

Don
11:05 AM
Post a Comment

Popular posts from this blog

Zeek in Action Videos

Image
This is a quick note to point blog readers to my Zeek in Action YouTube video series for the Zeek network security monitoring project .  Each video addresses a topic that I think might be of interest to people trying to understand their network using Zeek and adjacent tools and approaches, like Suricata, Wireshark, and so on.  I am especially pleased with Video 6 on monitoring wireless networks . It took me several weeks to research material for this video. I had to buy new hardware and experiment with a Linux distro that I had not used before -- Parrot .  Please like and subscribe, and let me know if there is a topic you think might make a good video.
Read more

MITRE ATT&CK Tactics Are Not Tactics

Image
Just what are "tactics"? Introduction MITRE ATT&CK  is a great resource, but something about it has bothered me since I first heard about it several years ago. It's a minor point, but I wanted to document it in case it confuses anyone else. The MITRE ATT&CK Design and Philosophy document from March 2020 says the following: At a high-level, ATT&CK is a behavioral model that consists of the following core components: • Tactics, denoting short-term, tactical adversary goals during an attack; • Techniques, describing the means by which adversaries achieve tactical goals; • Sub-techniques, describing more specific means by which adversaries achieve tactical goals at a lower level than techniques; and • Documented adversary usage of techniques, their procedures, and other metadata. My concern is with MITRE's definition of "tactics" as "short-term, tactical adversary goals during an attack," which is oddly recursive. The key word in the tacti
Read more

New Book! The Best of TaoSecurity Blog, Volume 4

Image
  I've completed the TaoSecurity Blog book series . The new book is  The Best of TaoSecurity Blog, Volume 4: Beyond the Blog with Articles, Testimony, and Scholarship .  It's available now for Kindle , and I'm working on the print edition.  I'm running a 50% off promo on Volumes 1-3 on Kindle through midnight 20 April. Take advantage before the prices go back up. I described the new title thus: Go beyond TaoSecurity Blog with this new volume from author Richard Bejtlich. In the first three volumes of the series, Mr. Bejtlich selected and republished the very best entries from 18 years of writing and over 18 million blog views, along with commentaries and additional material.  In this title, Mr. Bejtlich collects material that has not been published elsewhere, including articles that are no longer available or are stored in assorted digital or physical archives. Volume 4 offers early white papers that Mr. Bejtlich wrote as a network defender, either for technical or pol
Read more