The following book series is
free to read online. I hope you benefit from them and will buy the off-line versions. The entire book series can be downloaded from
Leanpub.
Kim's other books can be found
here
Holistic Info-Sec for Web Developers - Fascicle 0
Holistic and in-depth coverage of:
- The chosen threat modelling approach - application to the development team
- Setting up your tool-belt
- The process of penetration testing - application to the development team
- A collection of processes and practises formulated from penetration testing, useful for augmenting each and every Scrum Sprint
- Physical: Apply learnings from first four chapters to topic of Physical security
- People: Apply learnings from first four chapters to topic of People security
Holistic Info-Sec for Web Developers - Fascicle 1
Holistic and in-depth coverage of:
- VPS: Apply learnings from first four chapters of Fascicle 0 to topic of VPS security
- Network: Apply learnings from first four chapters of Fascicle 0 to topic of Network security
- Cloud: Apply learnings from first four chapters of Fascicle 0 to topic of Cloud security
- Web Applications: Apply learnings from first four chapters to topic of Application security
Holistic Info-Sec for Web Developers - Fascicle 2
Holistic and in-depth coverage of:
- Mobile:
Apply learnings from first four chapters of Fascicle 0 to topic of Mobile security
- IoT:
Apply learnings from first four chapters of Fascicle 0 to topic of IoT security