Thinking Security Stopping Next Year's Hackers

  • ISBN13:


  • ISBN10:


  • Edition: 1st
  • Format: Hardcover
  • Copyright: 11/5/2015
  • Publisher: Addison-Wesley Professional

Note: Supplemental materials are not guaranteed with Rental or Used book purchases.

Purchase Benefits

  • Free Shipping On Orders Over $59!
    Your order must be $59 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • Get Rewarded for Ordering Your Textbooks! Enroll Now
List Price: $39.99 Save up to $14.00
  • Rent Book $25.99
    Add to Cart Free Shipping


Supplemental Materials

What is included with this book?

  • The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.
  • The Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.


If you’re a security or network professional, you already know the “do’s and don’ts”: run AV software and firewalls, lock down your systems, use encryption, watch network traffic, follow best practices, hire expensive consultants . . . but it isn’t working. You’re at greater risk than ever, and even the world’s most security-focused organizations are being victimized by massive attacks.


In Thinking Security, author Steven M. Bellovin provides a new way to think about security. As one of the world’s most respected security experts, Bellovin helps you gain new clarity about what you’re doing and why you’re doing it. He helps you understand security as a systems problem, including the role of the all-important human element, and shows you how to match your countermeasures to actual threats. You’ll learn how to move beyond last year’s checklists at a time when technology is changing so rapidly.


You’ll also understand how to design security architectures that don’t just prevent attacks wherever possible, but also deal with the consequences of failures. And, within the context of your coherent architecture, you’ll learn how to decide when to invest in a new security product and when not to.


Bellovin, co-author of the best-selling Firewalls and Internet Security, caught his first hackers in 1971. Drawing on his deep experience, he shares actionable, up-to-date guidance on issues ranging from SSO and federated authentication to BYOD, virtualization, and cloud security.


Perfect security is impossible. Nevertheless, it’s possible to build and operate security systems far more effectively. Thinking Security will help you do just that.

Author Biography

Steven M. Bellovin is the Percy K. and Vidal L. W. Hudson Professor of computer science at Columbia University, where he does research on networks and security--especially why the two don't get along--as well as related public policy issues. He joined the faculty in 2005 after many years at Bell Labs and AT&T Labs Research, where he was an AT&T Fellow. Bellovin has served as Chief Technologist of the Federal Trade Commission and he is a member of the National Academy of Engineering and is serving on the Computer Science and Telecommunications Board of the National Academies of Sciences, Engineering, and Medicine. In the past, he has been a member of the Department of Homeland Security's Science and Technology Advisory Committee, and the Technical Guidelines Development Committee of the Election Assistance Commission; he has also received the 2007 NIST/NSA National Computer Systems Security Awardand has been elected to the Cybersecurity Hall of Fame. Bellovin is the co-author of Firewalls and Internet Security: Repelling the Wily Hacker, Second Edition (Addison-Wesley, 2003), and holds a number of patents on cryptographic and network protocols.

Table of Contents

Part I: Defining the Problem
1. Introduction
2. Thinking about Security
3. Threat Models


Part II: Technologies
4. Antivirus Software
5. Firewalls and Intrusion Detection Systems
6. Cryptography and VPNs
7. Passwords and Authentication
8. PKI: Public Key Infrastructures
9. Wireless Access
10. Clouds and Virtualization


Part III: Secure Operations
11. Building Secure Systems
12. Selecting Software
13. Keeping Software Up to Date
14. People
15. System Administration
16. Security Process


Part IV: The Future
17. Doing Security Properly

Rewards Program

Write a Review