Sunshine on Secure Java: OWASP Top 10 - Writing Secure Web Applications

Ebook

Software Development Security: CISSP, #8

Ebook

Bug Bounty Hunting for Web Security: Find and Exploit Vulnerabilities in Web sites and Applications

Ebook

Learn Penetration Testing with Python 3.x: Perform Offensive Pentesting and Prepare Red Teaming to Prevent Network Attacks and Web Vulnerabilities (English Edition)

Ebook

The Browser Hacker's Handbook

Ebook

OWASP Top 10 Vulnerabilities: Beginner's Guide To Web Application Security Risks

Ebook

Malware Analysis and Detection Engineering: A Comprehensive Approach to Detect and Analyze Modern Malware

Ebook

Modern Cybersecurity Practices: Exploring And Implementing Agile Cybersecurity Frameworks and Strategies for Your Organization

Ebook

Securing SQL Server: Protecting Your Database from Attackers

Ebook

Penetration Testing for Jobseekers: Perform Ethical Hacking across Web Apps, Networks, Mobile Devices using Kali Linux, Burp Suite, MobSF, and Metasploit

Ebook

Hands-on Penetration Testing for Web Applications: Run Web Security Testing on Modern Applications Using Nmap, Burp Suite and Wireshark (English Edition)

Ebook

Advanced API Security: Securing APIs with OAuth 2.0, OpenID Connect, JWS, and JWE

Ebook

The Core of Hacking

Ebook

Advanced ASP.NET Core 3 Security: Understanding Hacks, Attacks, and Vulnerabilities to Secure Your Website

Ebook

Mastering Malware Analysis: The complete malware analyst's guide to combating malicious software, APT, cybercrime, and IoT attacks

Ebook

Hacking Web Apps: Detecting and Preventing Web Application Security Problems

Ebook

Backend Developer in 30 Days: Acquire Skills on API Designing, Data Management, Application Testing, Deployment, Security and Performance Optimization (English Edition)

Ebook

Penetration Testing with Kali Linux: Learn Hands-on Penetration Testing Using a Process-Driven Framework (English Edition)

Ebook

Next Generation Red Teaming

Ebook

Client-Side Attacks and Defense

Ebook

Seven Deadliest Web Application Attacks

Ebook

A Complete Guide to Burp Suite: Learn to Detect Application Vulnerabilities

Ebook

Software Engineering for Absolute Beginners: Your Guide to Creating Software Products

Ebook

JavaScript Security

Ebook

Building Progressive Web Applications with Vue.js: Reliable, Fast, and Engaging Apps with Vue.js

Ebook

Better Embedded System Software

Ebook

Burp Suite Essentials

Ebook

Beginning ASP.NET Security

Ebook

Web Application Security is a Stack: How to CYA (Cover Your Apps) Completely

Ebook

Alice and Bob Learn Application Security

Ebook

JavaScript Programming: 3 In 1 Security Design, Expressions And Web Development

Ebook

CompTIA Security+ Study Guide: Exam SY0-601

Ebook

Hacking: Ultimate Beginner's Guide for Computer Hacking in 2018 and Beyond: Hacking in 2018, #1

Ebook

How to Be Invisible: Protect Your Home, Your Children, Your Assets, and Your Life

Ebook

How to Become Anonymous, Secure and Free Online

Ebook

Remote/WebCam Notarization : Basic Understanding

Ebook

Tor and the Dark Art of Anonymity

Ebook

Make Your Smartphone 007 Smart

Ebook

Cybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity

Ebook

The Hacker Crackdown: Law and Disorder on the Electronic Frontier

Ebook

Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking

Ebook

Wireless Hacking 101

Ebook

Network+ Study Guide & Practice Exams

Ebook

Social Engineering: The Science of Human Hacking

Ebook

Cybersecurity For Dummies

Ebook

Mike Meyers CompTIA Security+ Certification Passport, Sixth Edition (Exam SY0-601)

Ebook

The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers

Ebook

CompTIA Network+ Review Guide: Exam N10-008

Ebook

Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601)

Ebook

Ultimate Guide for Being Anonymous: Hacking the Planet, #4

Ebook

CompTIA Network+ Certification Guide (Exam N10-008): Unleash your full potential as a Network Administrator (English Edition)

Ebook

Hacking With Kali Linux : A Comprehensive, Step-By-Step Beginner's Guide to Learn Ethical Hacking With Practical Examples to Computer Hacking, Wireless Network, Cybersecurity and Penetration Testing

Ebook

Practical Lock Picking: A Physical Penetration Tester's Training Guide

Ebook

Hacking For Dummies

Ebook

Dark Territory: The Secret History of Cyber War

Ebook

The Cyber Attack Survival Manual: Tools for Surviving Everything from Identity Theft to the Digital Apocalypse

Ebook

Security+ Boot Camp Study Guide

Ebook

How to Hack Like a Pornstar

Ebook

How to Hack Like a GOD: Master the secrets of hacking through real-life hacking scenarios

Ebook

Computer Networking: The Complete Beginner's Guide to Learning the Basics of Network Security, Computer Architecture, Wireless Technology and Communications Systems (Including Cisco, CCENT, and CCNA)

Ebook

Amazon Web Services (AWS) Interview Questions and Answers

Podcast episode

Ep. 33 - Code dependencies are the devil: Have you built your app on someone else's code? And beyond that, does the "secret sauce" of your product depend on external libraries or frameworks? While it's tempting to use the latest and greatest tech as soon as it comes out, that's not always a...

Podcast episode

UX in Cybersecurity: All links and images for this episode can be found on CISO Series () Security products and programs may be functional and work correctly, but are they usable in the sense that it fits into the work patterns of our users?  for the discussion that...

Podcast episode

Security Is Suffering From DevOps FOMO: All links and images for this episode can be found on CISO Series (https://cisoseries.com/security-is-suffering-from-devops-fomo/) Darn it. DevOps is having this awesome successful party and we want in! We've tried inserting ourselves in the middle...

Podcast episode

SWVHSC Micro Interviews: deepwatch & ExtraHop - Corey Bodzin, Michael Sanders - ESW #197: deepwatch Lens Score - The first SecOps maturity benchmarking and planning app. Answers CISO Questions: How mature is my Security Program? How do I compare to my peers? What one thing should I do next? This segment is sponsored by deepwatch. Visit to...

Podcast episode

SWVHSC Micro Interviews: deepwatch & ExtraHop - Corey Bodzin, Michael Sanders - ESW #197: deepwatch Lens Score - The first SecOps maturity benchmarking and planning app. Answers CISO Questions: How mature is my Security Program? How do I compare to my peers? What one thing should I do next? This segment is sponsored by deepwatch. Visit to...

Podcast episode

ESW #309 - Tal Morgenstern, Casey Smith: The CI/CD pipeline is the backbone of the software development process, so it's critical to ensure you are meeting and exceeding the most critical security measures. Throughout this podcast, Tal Morgenstern, Co-founder and CSO of Vulcan Cyber, will...

Podcast episode

ASW #240 - Kelly Shortridge, Eric Fourrier, Richard Yew: What does software resilience mean? Why is status quo application security unfit for the modern era of software? How can we move from security theater to security chaos engineering? This segment answers these questions and more. Segment Resources:...

Podcast episode

Making Compliance Suck Less with AJ Yawn: AJ Yawn is the co-founder and CEO at ByteChek, a startup that’s focused on making compliance suck less. He’s also a founding board member of the National Association of Black Compliance & Risk Management Professionals, and advisor at CISO MAG, and an advi

Podcast episode

EP111 How to Solve the Mystery of Application Security in the Cloud?: Guest:  , Infosec Consultant and and Topics: What got you interested in security and motivated you to make this your area of focus? You came from a developer background, right? Occasionally, we hear the sentiment that “developers...

Podcast episode

The DIY Lab - ASW #185: Lots of web hacking can be done directly from the browser. Throw in a proxy like Burp plus the browser's developer tools window and you've got a nearly complete toolkit. But nearly complete means there's still room for improvement. We'll talk about...

Podcast episode

Inherently Vulnerable By Design: All links and images for this episode can be found on CISO Series () Much of what we do as practitioners is to prevent inadvertent security problems - oversights, zero-days, etc. What about inherent and unavoidable problems? When the very design of...

Podcast episode

Prevention vs. Detection and Containment: All links and images for this episode can be found on CISO Series () We agree that preventing a cyber attack is better than detection and containment. Then why is the overwhelming majority of us doing detection and containment? Check out for the...

Podcast episode

Smarter Testing = Safer Digital Experiences: Application testing is a critical component of a software development lifecycle. A complete testing battery for any application includes not only functionality and usability testing but security and reliability testing as well. However, helping ensur...

Podcast episode

Josh Grossman - building Appsec programs, bridging security and developer gaps: Youtube VOD:   #appsec, #owasp, #ASVS, #joshGrossman, #informationsecurity, #SBOM, #supplychain, #podcast, #twitch, #brakesec, #securecoding, #Codeanalysis Questions and topics: 1. The background to the topic, why is it something that interests...

Podcast episode

Security from a Developer's Perspective - Josh Goldberg - ASW #262: A lot of appsec conferences have presentations for appsec audiences -- but that's not often the group that's building apps. What if more developer conferences had appsec content? We talk with Josh about security from the developer's point of view,...

Podcast episode

API Security

Podcast episode

How Can Security Work TOGETHER, Not Against, Developers - Joe Garcia - ASW #107: DevOps and Agile IT practices have been around for a while. However, security teams are just now catching up. We will discuss how security teams can stop being “showstoppers” for the developers and actually work with them, not against them. Focus...

Podcast episode

How Can Security Work TOGETHER, Not Against, Developers - Joe Garcia - ASW #107

Podcast episode

API Security: All links and images for this episode can be found on CISO Series () APIs are gateways in and out of our kingdom and thus they're also great access points for malicious hackers. How the heck do we secure them without overwhelming ourselves? Check out ...

Podcast episode

Threat Modeling Deep Dive - ASW #131: We threat model every day without realizing it. And, of course, we often threat model with systems and products within our organizations. So how formal does our approach need to be? How do we best guide the "what could go wrong" discussion with DevOps...

Podcast episode

Threat Modeling Deep Dive - ASW #131: We threat model every day without realizing it. And, of course, we often threat model with systems and products within our organizations. So how formal does our approach need to be? How do we best guide the "what could go wrong" discussion with DevOps...

Podcast episode

We're Market Leaders in Customer Confusion: All links and images for this episode can be found on CISO Series () We could offer a simpler explanation of our technology, but if we confuse you we can charge a lot more. This episode was recorded in front of a live audience at in San Francisco....

Podcast episode

S2 E1 - Securing Angular Apps with the Microsoft Identity Platform: Securing your Angular application is almost always necessary. And, it's almost always unnecessary for you to roll your own solution to authentication and security. Why? First, security is not easy and straight-forward. At first, you might be tempted...

Podcast episode

Highly Technical - ASW #170: This week, we welcome Nuno Loureiro, CEO at Probely, and Tiago Mendo, CTO at Probely, to talk about Dev(Sec)Ops Scanning Challenges & Tips! There's a plenitude of ways to do Dev(Sec)Ops, and each organization or even each team uses a different...

Podcast episode

#138 - Building Application Security Program - Derek Fisher

Podcast episode

Always Interesting - ASW #143: This week, we welcome John Morello, VP of Product at Palo Alto Networks, joins us to talk about Cloud Native Security Platforms! Modern appsec demonstrates the importance of a cloud native strategy for enterprise security and how much that strategy...

Podcast episode

Breaking John - ASW #136: This week, we welcome Andrei Serban, Co-Founder at Fuzzbuzz, to discuss Fuzz Testing! Fuzzing can be successful AppSec strategy for finding software bugs. And deploying a fuzzer no longer needs to be a cumbersome process. Find out how fuzzing can help...

Podcast episode

ASW #190 - Harshil Parikh: Developers ignore security issues. But can we really blame them? After all, security folks bombard them with an endless stream of issues that need to be addressed with no way for them to separate what’s actually critical from all the noise, all...

Podcast episode

How to protect continuous software delivery against supply chain attacks with Michael Plank: Software security is about securing websites against malicious attacks or using firewalls to prevent hackers entering your enterprise network. While this is part of software security there is much more that needs to be done – especially as more...

Podcast episode

Secure the Cloud and See ROI, Attack Your Way to Accurate Answers - ESW #330: In this interview, Raghu discusses the specific challenges in securing the cloud and how to overcome them. He shares how to make your life easier by making security a team sport, how to gain the visibility you need across clouds, data centers, and...