Beautiful Security: Leading Security Experts Explain How They Think 1st Edition
About the Author
John is CTO of the SaaS Business Unit at McAfee, his second stint at McAfee. Previously, he was their Chief Security Architect, after which he founded and served as CEO of Stonewall Software, which focused on making anti-virus technology faster, better and cheaper. John was also the founder of Secure Software (now part of Fortify).
John is author of many security books, including Building Secure Software (Addison-Wesley), Network Security with OpenSSL (O'Reilly), and the forthcoming Myths of Security (O'Reilly). He is responsible for numerous software security tools and is the original author of Mailman, the GNU mailing list manager. He has done extensive standards work in the IEEE and IETF and co-invented GCM, a cryptographic algorithm that NIST has standardized. John is also an active advisor to several security companies, including Fortify and Bit9. He holds an MS and BA from the University of Virginia.
Top Customer Reviews
For me the most interesting chapters were the ones with case studies. In this book you will learn how to steal people's credit card numbers at airports (run a cut-rate WiFi access point), how to scan for malicious websites without getting infected (harder than it looks, and a constant battle of measures and countermeasures), and the true history of Pretty Good Privacy, as told by its inventor, Phil Zimmermann (not as lurid as the versions you have probably heard, but still full of twists and turns). You'll learn the going rates for stolen personal and financial information (not that much, so if you're going to steal it, you need to steal a lot) and how to run your own cyber money-laundering network (which seems to be where most of the money and the risk is). Microsoft plays a prominent role in the book, sometimes as hero, sometimes as chump.
The layout and production of the book are very good, and it has a good index (a glossary would have been nice, too). I have a couple of minor gripes: the book is set in itty-bitty type (I measured it at 8 points on 12 point line spacing); and although the book has two editors, the preface is written in the first person singular (apparently by Oram, but this is not stated).
You'll find plenty of security-related history in the book. Phil Zimmermann's chapter on PGP's Web Of Trust is one example. Peiter Zatko's discussion of his work on L0phtCrack is another. Both stories help expose mindsets which, sadly, haven't changed a whole lot.
Security, as with testing or overall quality, is at its most fundamental roots a culture issue. Not every story focuses on this aspect, but pointing out bad culture is a common theme through many of the chapters. Zatko's discussion of "Learned Helplessness," John McManus's Security by Design, and Jim Routh's Forcing Firms to Focus are all great reads on this line. Many of the stories correctly emphasize that security isn't just about someone hacking code - it's a much broader issue.
As with any good security book, there's plenty of well-done content which will likely scare you into re-thinking how you and your company approach security. Beautiful Security can help you identify practices, problems, and mindsets which leave you, your company, or your clients at risk.
Overall it's a very useful, highly readable book on a critical subject.
A premise of the book is that most people don't give security much attention until their personal or business systems are attacked or breached. The book notes that criminals often succeed by exercising enormous creativity when devising their attacks. They think outside of the box which the security people built to keep them out. Those who create defenses around digital assets must similarly use creativity when designing an information security solution.
Unfortunately, far too few organizations spend enough time thinking creatively about security. More often than not, it is simply about deploying a firewall and hoping the understaffed security team can deal with the rest of the risks.
The 16 essays, arranged in no particular theme, are meant to show how fascinating information security can be. This is in defense to how security is often perceived, as an endless series of dialogue boxes and warnings, or some other block to keep a user from the web site or device they want to access. Each of the 16 essays is well-written, organized and well-argued. The following 4 chapters are particularly noteworthy.
Most Recent Customer Reviews
I am about halfway through the book and I am impressed at the content. The experts all provide knowledge from their experience in infosec to make a great combination. Published on December 3, 2012 by Ronda M
I like computer security: it is always entertaining and insightful. This book is no exception. It offers a large panorama on Security, as seen from many points of view since this is... Published on May 30, 2011 by Bruno Vernay
Recently I have been asked by a lot of people how do you get in the security field? I used to say a lot of hard work and a lot of luck. Published on April 9, 2010 by Daniel D. Lohin
BEAUTIFUL SECURITY: LEADING SECURITY EXPERTS EXPLAIN HOW THEY THINK provides a collection of essays on digital security and comes from experts who explain how social networking and... Published on August 19, 2009 by Midwest Book Review
Beautiful Security goes well beyond the confines of traditional security books that dive into technical minutia and bore you to tears. Published on July 15, 2009 by Wesley M. Talbert
"Beautiful Security" from O'Reilly, which I just finished reading, is truly an awesome book.
Now, I will probably have a high opinion of my own chapter ("Beautiful Log...