- Serious Cryptography, 2nd Ed. - Jean-Philippe Aumasson - 2024 - Cryptography concepts explained for engineers who need to use it correctly.
- The Web Application Hacker's Handbook, 2nd Ed. - Stuttard & Pinto - 2011 - Practical web security testing and attack/defense thinking.
- Hacking: The Art of Exploitation, 2nd Ed. - Jon Erickson - 2008 - Low-level security from first principles: buffer overflows, shellcode, and network exploits.
- The Tangled Web - Michal Zalewski - 2011 - A deep and honest look at how browsers and the web work — and why security is hard.
- Threat Modeling - Adam Shostack - 2014 - Designing for security; identifying and addressing threats systematically.