How to read more security + engineering books
Ever since I wrapped up writing my own book back in 2021, I’ve been trying to learn more broadly about other domains in security and software engineering.
A lot of the learning came from ad-hoc googling, but I feel like one of the best ways to gain a solid foundation of a topic is to read a well-written book. So in this post, I’d like to share what I learned about reading technical books and how to learn more from books with less time and money.
Affording technical books
First of all, one of the issues I ran into when trying to read more technical books was gaining access to the books that I wanted to read. Technical books are really expensive — averaging somewhere around 50–100 USD per book.
To work around this issue, I got an O’Reilly learning subscription (https://learning.oreilly.com/home/). It’s a learning platform subscription that gives you access to a large library of technical books. Bug bounty bootcamp for example, is available through O’Reilly. Although the O’Reilly catalog is extensive, it doesn’t include a lot of new publications, books that are from smaller publishers, and books that are not purely technical.
In addition, the membership is quite pricey (currently $49 a month), so see if you can get it through your university, a public library, or work. The Toronto public library system, for example, offers free O’Reilly subscriptions to the public. Many universities in the US also provide students with free memberships. Some libraries also provide free LinkedIn learning or Udemy subscriptions!
Open source and libraries
You can also try to find open-source versions of books about the same topic. It might take some searching to find the right resources, but the same information is probably available somewhere else on the Internet. For example, you can find a wealth of tech books in this Github repo: https://github.com/EbookFoundation/free-programming-books. Some of the books in this repo are quite outdated, but you can find good material about the fundamentals of security, programming, and networking.