A Curated List of Security Readings
What Sticks With You?
When you decide to work in Security you automatically sign up to a professional life of continuous learning. Technologies, cultures and threats are constantly changing, and anyone who is trying to “do security” in this environment must keep up.
Just because something is written (a book, a paper) or spoken (a presentation, a podcast) doesn’t mean it’s valuable. For books, I look to the cybersecurity canon to find curated titles. There, a Hall of Fame winner is one that is important to everyone in the industry, and can withstand the test of time. But there isn’t an industry resource for papers, so I thought I’d go to the socials (LinkedIn, Twitter, Mastodon) to find the answers.
As always, I was gratified that people chose to share their knowledge with me, and I was surprised by the selections. You can see that there is a wide, wide, wide array of topics and ages of these nominations.
Here’s the list (and any comments came from the nominating individual):
Aleph1: “Smashing the Stack for Fun and Profit” (Recommended twice)
