Book Review: Securing Systems: Applied Security Architecture and Threat Models

Title: Securing Systems: Applied Security Architecture and Threat Models

Author: Brook S.E. Schoenfield

Publisher: CRC Press

As a security architect, it’s a rare find when someone writes a book about your field.  Most books are selling a religion or disappointing short on content.  This is neither of those.

The length of the title of this book should give you an inkling to the depth of the content.  This is being a CRC Press book, it is deep, lengthy and disappointingly short on diagrams and editing.  It has taken me a about five months of reading (approximately two hours per week) to get through the book.

But, it is worthwhile in pursuing, because hidden among the thousands of words is the wisdom of someone who has actually ‘done’ security architecture.  Who understands the challenges of designing secure systems and practicing it in a commercial environment.

The Author loosely bases the book on his ATASM method, ‘Architecture, Threats, Attack Surfaces, Mitigations’ approach to security architecture.  It is worthwhile, but gets rather lots in the commentary.  Maybe after a second it will become clearer to me.

If it appears I’m unfairly criticism the book, and thus the author, then maybe I am, but the individual/group that deserve to take come of that are the editors.  While the book has a conversational style which works well in describing the day-to-day life of a Security Architect, it makes learning a method very hard.

Moreover, when learning a method, you need some clear signposting as to where you are [in that method], what the next steps are and how the work you are doing impinges upon those next steps.   Some graphics would be good, there are precious few and those that are there aren’t always helpful.

I could go on, but it seems unfair for what is such a useful book.  I would encourage anyone to purchase the book (remembering that the hardcover version is £47 at the time of writing), but it is most certainly not an easy read!

Publisher link: https://www.crcpress.com/Securing-Systems-Applied-Security-Architecture-and-Threat-Models/Schoenfield/p/book/9781482233971

Amazon link:  http://amzn.eu/d/ex9TePK

Leave a Reply

Your email address will not be published. Required fields are marked *