As 2017 closes, this month’s theme is hackers and threats. We focus on the growing underground economy, advanced threats, APTs, new classes of vulnerabilities, exploitation techniques, reverse engineering and how to combat these growing information security problems.
When it comes to learning the ins and outs of hacking, the various editions of Hacking Exposed are a great resource. The assorted titles in the series provide the reader with a hands-on and tactical approach to learning how to hack and perform penetration testing.
There are also webinars and articles with catchy titles such as How to Beat Hackers at Their Own Game - Think Like a Hacker. But being a hacker with the requisite skills and knowledge is not something that can be learned in a single book or webinar.
In Hacking the Hacker: Learn From the Experts Who Take Down Hackers (Wiley 978-1119396215), author Roger Grimes takes a somewhat different approach. He doesn’t attempt to turn the reader into a world-class hacker. Rather, his approach is to provide a high-level overview of the core security concepts that revolve around hacking, along with interviews of leading information security professionals. Written by a security architect at Microsoft, the book provides a real-world approach to the topic.
While the book is not nearly as deep as other hacking books, Grimes provides a good introduction to the core areas of hacking. The book is a high-level overview of the hacking and information security landscape. It is written more for IT managers and CIOs than for the system engineer who would be analyzing captured network data in Wireshark.
About half of the 50 chapters consist of technical overviews, with the other half being interviews and profiles of luminaries in the information security space. These interviews with experts such as Joanna Rutkowska, Mark Russinovich, Bruce Schneier, Gary McGraw and more provide insights into how they got into the field, how they became successful, and their views on the most pressing problems facing the industry.
Those looking to embark on a career in information security should pay attention to these interviews. The professionals profiled share some unique points on what made them successful in the industry.
At 275 pages, Hacking the Hacker is a solid introduction to the topic. There’s not enough here to make you an elite hacker. But it will provide readers with an understanding of what hackers do, the tools and techniques they utilize, and what readers themselves can do to secure their enterprises.