Chris and Robert go over a plethora of recommendations they have accumulated over their years of experience in the industry.
Chris’s Recommendations
1. Book: Agile Application Security: Enabling Security in a Continuous Delivery Pipeline
by Laura Bell (Author), Michael Brunton-Spall (Author), Rich Smith (Author), Jim Bird (Author)
2. Website: Iron Geek
Adrian Crenshaw records many major, non-commercial security conferences and posts the talks to YouTube
3. Book: The DevOps Handbook: How to Create World-Class Agility, Reliability, and Security in Technology Organizations
by Gene Kim (Author), Patrick Debois (Author), John Willis (Author), Jez Humble (Author)
4. News Source: The Register
News site, but has great sources and a bit of British humor attached to technology failures
http://www.theregister.co.uk/security/
5. Blog: TechBeacon
6. Book: Threat Modeling: Designing for Security
by Adam Shostack (Author)
7. Book: The Tangled Web: A Guide to Securing Modern Web Applications
by Michal Zalewski (Author)
8. Book: Start with Why: How Great Leaders Inspire Everyone to Take Action
by Simon Sinek (Author)
Not a security book, but a good approach for those trying to change a security culture
Robert’s Recommendations
1. Books by Martin Fowler (Author)
He has written many books on understanding architecture.
https://martinfowler.com/books/
2. Book: Software Security: Building Security In
by Gary McGraw (Author)
3. Book: Core Software Security: Security at the Source
by James Ransome (Author) and Anmol Misra (Author)
4. Book: Threat Modeling: Designing for Security
by Adam Shostack (Author)
5. Websites: Troy Hunt
6. Conferences: #AppSec USA, B-Sides, Source, Converge
https://www.convergeconference.org/
7. Website: Google Alerts
Use this to be notified about specific topics you want to learn about.
8. Book: The Checklist Manifesto: How to Get Things Right
by Atul Gawande (Author)
9. Book: Securing Systems: Applied Security Architec