
Ask HN: IT Security - SkinFlute
I recently have been attending and researching anything and everything about IT security, primarily windows.<p>Are there any books&#x2F;resources&#x2F;etc. that you would recommend for an individual who is passionate about learning? I have seen countless books on the subject, but I would rather not waste the limited time I have reading something that isn&#x27;t helpful.<p>I have a degree in Management Information Systems, with a minor in Computer Science, so I&#x27;m not a fish within IT (if that matters)
======
mtmail
There was a recent discussion about (free) online training courses
[https://news.ycombinator.com/item?id=12786545](https://news.ycombinator.com/item?id=12786545)

P.S. Welcome to HN. Prefix your question with 'Ask HN' and it will go into
[https://news.ycombinator.com/ask](https://news.ycombinator.com/ask) which
requires less upvotes to get attention

~~~
SkinFlute
Thank you for the tip!

------
zelon88
There was another good post the other day that highlighted some good security
blogs. The best in my opinion were
[http://www.schneier.com/blog/](http://www.schneier.com/blog/),
[https://threatpost.com/](https://threatpost.com/),
[http://krebsonsecurity.com/](http://krebsonsecurity.com/). In addition to
these, joining some hacker forums to see the kind of shenanigans and tools
they employ could be helpful.

~~~
SkinFlute
Thank you! I appreciate the help

------
Canada
Windows Internals: [https://technet.microsoft.com/en-
us/sysinternals/bb963901.as...](https://technet.microsoft.com/en-
us/sysinternals/bb963901.aspx)

~~~
SkinFlute
Have you read this book? I have seen this book being recommended before, and
am curious to see what you would rank it

~~~
Canada
Yeah, it's the text for Windows architecture and internals. Security is
ultimately about understanding how things work, so if you're going to delve
into that you might as well learn how the system works. The security chapter
should be of interest to you at least.

------
abrookewood
If you're after specific advice on how to secure particular resources (e.g.
Windows Server 2012), you can have a look at the CIS Security Benchmarks. They
are comprehensive resources on the steps you should take to lock down
operating systems etc. The windows ones are here:
[https://benchmarks.cisecurity.org/downloads/browse/index.cfm...](https://benchmarks.cisecurity.org/downloads/browse/index.cfm?category=benchmarks.os.windows)

------
nick1024
I was a fan of this one. Lots of expert authors, lots of good information!

[https://www.amazon.com/dp/B01I0QTHYK#nav-
subnav](https://www.amazon.com/dp/B01I0QTHYK#nav-subnav)

~~~
SkinFlute
Thank you for your response, but I feel like this book wouldn't really be
beneficial to me. I have taken courses covering this material in great detail

------
inovica
Can you be a bit more specific about what you are wanting to look at. Is it a
broad overview or are you wanting to look into (or become an expert in) a
focused area?

~~~
SkinFlute
For now I think a broad overview would be a better option, then I can narrow
in on areas that I feel weak in.

