New Book Arrivals

Several books arrived at my door last week. I have time to add two to my reading list, after which I will read and review them. The others I will skim and not review, since I don't review books I don't at least try to read fully.

The first of the two books to make my short list is Syngress' Combating Spyware in the Enterprise. This book does not appear to have a lead author, but it has a technical editor and seven contributors. Sometimes this is a recipe for disaster. However, I want to read this book because it is the first on the spyware topic from one of my mainstream publishers. I also liked Syngress' related books Inside the Spam Cartel, Phishing Exposed, and Software Piracy.

The second book I plan to read is another Syngress book that I did not expect: How to Cheat at Securing a Wireless Network. This is another book in the Syngress format, with one lead author (Chris Hurley) and a ton of contributing authors. I gave Chris Hurley's previous book WarDriving three stars, but I hope this one is better.

I don't plan to read the following, but I may skim them for useful information. You can expect me to not sell these on eBay (as I'm sure some other review copy recipients do!) but I will probably give them away at NoVA Sec or ShmooCon gatherings.

Staying with the "cheating" line we come to How to Cheat at Managing Information Security. I don't plan to read this book because it seems to repeat a lot of information I already know. If this book concentrated on management issues, I would probably read it. Instead, I see short discussions of technical material across a wide range of issues. The book is probably aimed for managers who need to know some security, not security people who need to know some management. If you prefer books written by one author, though, this book is for you -- Mark Osborne wrote it.

Incidentally, I'm not a big fan of a "How to Cheat" theme, since I graduated from a military academy with an Honor Code. Staying with the management theme we come to Syngress' Syngress IT Security Project Management Handbook. This book is similar to the previous one, since Susan Snedaker wrote it, with Russ Rogers as technical editor. I'm not sure how much of this book I can skip and still feel comfortable about reviewing it. While there is more management than the previous book, I still see plenty of "tech overview" chapters. We'll see.

The last book is Cisco Press' Advanced Host Intrusion Prevention with CSA. I don't use Cisco host-based products. This book looks like a good manual for Cisco Security Agent, but I don't need to read one.

By the way, while searching I found this upcoming book: Designing BSD Rootkits by Jospeh Kong. I found this related Phrack article by the same person. I can't wait to read this book. Since that link just went did, here is another.