10 Books Every DevSecOps Enthusiast Must Read

Written by Mohammed A. Imran

December 17, 2018

The more that you read, the more things you will know. The more that you learn, the more places you’ll go. ― Dr. Seuss

We at Practical DevSecOps are big fans of books, more so when the topic is DevSecOps. We get at least a few queries every week asking guidance on how to get started in DevSecOps, this blog post will answer exactly that. Following are some of our favorite books on DevSecOps, which are both practical and insightful

1. The Phoenix project, A Novel about IT, DevOps, and Helping Your Business Win

This book is one of the classics of the DevOps revolution by Gene Kim and others, If you haven’t heard about this book, now is the perfect chance to grab a copy and enjoy this novel with coffee or tea. Don’t worry, it’s fictional but very technical(mostly)

2. DevOpsSec

   Fancy a quick introduction to the art of DevSecOps and tasks involved in it? Then look no further than DevOpsSec from Jim Bird. Bird has surprisingly summarized the ocean of DevSecOps into 80+ pages. If you are a bit skeptical about the DevSecOps approach, like Jim (the author) was at the beginning of his DevSecOps Journey and why he is a staunch believer now you must read this book.

3. Agile Application Security

   Agile Application security is one of those rare books which brings together many experts in the field and lays a strong foundation for future generations. A very comprehensive guide to not only DevSecOps practices but practical implementations, if we want to pick one book from this list, Agile Application Security would be the one.

4. Building a Modern Security Program

    Looking for practical advice from someone who has already done it? then this book from Zane Lackey of Etsy fame is just perfect, he takes you through on his journey of coming from a traditional security background and how Etsy’s DevOps implementation changed his views on running successful modern security programs.

5. Securing DevOps

    A very recent addition to the growing list of DevSecOps Books from Julien of the Mozilla security team. The publisher sums it up nicely “Securing DevOps explores how the techniques of DevOps and security should be applied together to make cloud services safer. This introductory book reviews the latest practices used in securing web applications and their infrastructure and teaches you techniques to integrate security directly into your product. You’ll also learn the core concepts of DevOps, such as continuous integration, continuous delivery, and infrastructure as a service.”

6. Hands-On Security in DevOps: Ensure continuous security, deployment, and delivery with DevSecOps

   Though dry at times with lots of emphasis on standards, policies and compliance aspects of DevSecOps, definitely summarises lots of good information into a book.

7. Generation Z Developers

   If programming scares you or you are just starting your career, you must read this amazing book from Photobox CISO Dinis Cruz. Dinis wrote this book for Generation Z (those who were born after 1996) but the tools (ChatOps, Docker, Jira, AI, etc.,) and techniques he shared, apply to anyone who wants to start learning DevOps.

8. The DevOps Handbook: How to Create World-Class Agility, Reliability, and Security in Technology Organizations

   This is another classic from Gene Kim and Jez Humble, a worthy sequel to The Phoenix Project. This book shows how a perfect marriage between DevOps and security would look like, showcases interesting case studies on how different organizations have achieved DevOps maturity.

9. SRE and The site Reliability workbook

   The Software Reliability Engineering (DevOps) book from Google’s Operations Team. Do we need to say more? Go grab a copy!

10. Continuous Delivery

      Why this book is listed here?  Any practical implementation of a well oiled DevSecOps pipeline needs a good understanding of Continuous Integration and Continuous Delivery. The author explains the need for CI/CD in cross-functional teams and how deploying in an agile, iterative process is the best way to develop software in a fast and secure manner.

Do you want to learn the Practical DevSecOps tools and techniques in these books and implement them faster in your organization? then please check out our courses and certifications.

Follow Us

Stay in touch with us and learn the latest in DevSecOps

Highly Recommend this training. It has been one of the best so far, fully hands-on and covered lots of topics in Secure SDLC. Kudos to the team on delivering such high quality training.

About Practical DevSecOps

Practical DevSecOps, provides world class DevSecOps Training and Certifications. Learn DevSecOps from Industry experts with practical, hands-on training in our state of the art online lab and achieve your DevSecOps Certification.

Related Articles

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

Follow Along

Want more interesting content on DevSecOps ? Join our mailing list, we will be sure to send you weekly updates on DevSecOps.

Ready to get started?

Get in touch, or Register now!