I’ve recently picked up and read, all with in the last week actually. I read about it here, http://blogs.msdn.com/threatmodeling/archive/2009/06/26/beautiful-security.aspx, a solid blog about Application Threat modeling from Microsoft. I’m not a developer but I’m very interested in security as a whole so I like to try and stay on top of it when I can.
The book is titled Beautiful Security, amazon link, that is not very technical but has some technical aspects to it. It is more about observations and case studies about various aspects of security including, development, metrics, wireless, logs, etc in the security field as well as some ideas to improve the areas. Some are humorous and more well written then others, each section is written by a different author so each has a different style. It can defiantly be used to help come up with some ideas which you can implement in your own environment. Many of this though is not new for most people in the security industry but it is indeed a quick and easy read. Since this if my first book review, I think I’ll keep this up though, I’ve come up with a rating system.
1-5 with a 1 = don’t bother, a 3= if you are in the area or semi intersted and finally a 5=a must read.
I give this book a 3. It is semi entertaining, not as entertaining as Kevin Mitnick’s books but you can draw some ideas and see where other companies went wrong and right. If you have time and are interested in the security thought process, indeed pick this up.
Entries (RSS)