The more that you read, the more things you will know. The more that you learn, the more places you’ll go. ― Dr. Seuss
We at Practical DevSecOps are big fans of books, more so when the topic is DevSecOps. We get at least a few queries every week asking for guidance on how to get started in DevSecOps, and this blog post answers exactly that. The following are some of our favorite books on DevSecOps, which are both practical and insightful.
This book, by Gene Kim and others, is one of the classics of the DevOps revolution. If you haven’t heard about this book, now is the perfect chance to grab a copy and enjoy this novel with coffee or tea. Don’t worry, it’s fictional but very technical (mostly).
Fancy a quick introduction to the art of DevSecOps and the tasks involved in it? Then look no further than DevOpsSec from Jim Bird. Bird has surprisingly summarized the ocean of DevSecOps into 80+ pages. If you are a bit skeptical about the DevSecOps approach, as Jim (the author) was at the beginning of his DevSecOps journey, and want to know why he is a staunch believer now, you must read this book.
Agile Application Security is one of those rare books that brings together many experts in the field and lays a strong foundation for future generations. It is a very comprehensive guide to not only DevSecOps practices but also practical implementations. If we had to pick one book from this list, Agile Application Security would be the one.
Looking for practical advice from someone who has already done it? Then this book from Zane Lackey of Etsy fame is just perfect. He takes you through his journey of coming from a traditional security background and how Etsy’s DevOps implementation changed his views on running successful modern security programs.
A very recent addition to the growing list of DevSecOps books, from Julien of the Mozilla security team. The publisher sums it up nicely: “Securing DevOps explores how the techniques of DevOps and security should be applied together to make cloud services safer. This introductory book reviews the latest practices used in securing web applications and their infrastructure and teaches you techniques to integrate security directly into your product. You’ll also learn the core concepts of DevOps, such as continuous integration, continuous delivery, and infrastructure as a service.”
Though dry at times, with lots of emphasis on the standards, policies and compliance aspects of DevSecOps, this book definitely summarises lots of good information.
If programming scares you or you are just starting your career, you must read this amazing book from Photobox CISO Dinis Cruz. Dinis wrote this book for Generation Z (those who were born after 1996), but the tools (ChatOps, Docker, Jira, AI, etc.) and techniques he shared apply to anyone who wants to start learning DevOps.
This is another classic from Gene Kim and Jez Humble, a worthy sequel to The Phoenix Project. This book shows what a perfect marriage between DevOps and security would look like and showcases interesting case studies on how different organizations have achieved DevOps maturity.
The Software Reliability Engineering (DevOps) book from Google’s Operations Team. Do we need to say more? Go grab a copy!
Why is this book listed here? Any practical implementation of a well-oiled DevSecOps pipeline needs a good understanding of Continuous Integration and Continuous Delivery. The author explains the need for CI/CD in cross-functional teams and how deploying in an agile, iterative process is the best way to develop software in a fast and secure manner.
Do you want to learn the Practical DevSecOps tools and techniques in these books and implement them faster in your organization? Then please check out our courses and certifications.