My new book Blitzscaling Security is now available.
The wait is over! After two years of introspection, in-depth research, and fervent writing, my new book, Blitzscaling Security, has finally hit the shelves!
Why this book?
This book is my endeavor to make sense of the pervasive nihilism within the infosec industry.
Let's face it – our current approach isn't working. Many widely accepted practices barely make an impact. Companies continue to suffer breaches, security projects remain frozen in their tracks, and attackers face little to no resistance while compromising businesses.
Upon closer examination, I can't help but notice a massive disconnect between what companies perceive as good security and what attackers actually exploit in the field.
In this book, we take a step back from the noise and reassess security practices using first principles.
What is in it for you?
As the reader, you'll have the opportunity to shadow Alex, the first security engineer at a rapidly growing company. The journey begins with the initial hiring call and follows the day-to-day operations of a security engineer in a fast-paced environment. You'll experience their struggles when challenging established practices, their frustrations when prioritizing security tasks, their savvy tactics to bypass corporate red tape to get things done, and their triumphant moments when implementing counter-intuitive solutions that truly make a difference.
Each challenge, event, observation, and interaction with colleagues will spark reflections on the situation. We'll analyze it using first principles and determine the best course of action to secure the company. We'll then compare our newly found convictions with the common practices endorsed by many organizations to better appreciate the divergence from the conventional wisdom propagated by many security evangelists.
You may not agree with every principle and tenet presented in this book – and that's perfectly fine. However, it will offer a refreshing perspective that should ultimately help you succeed in your mission to secure companies, even in the most challenging contexts.
That is my promise to you.