Hacker News new | ask | show | jobs
by tptacek 4897 days ago
_The Art Of Software Security Assessment_ is the current canonical text.

Here's a reading list; I'd add Zalewsky's _Tangled Web_ to it, but change little else: http://amzn.to/cthr46