My Books

Over the years I have published a number of books. These are listed in reverse chronological order below and are linked for further detail. I list those books that are yet to be released first working towards the source and my first publication in the 90's.

Non-Fiction (Technical)
Official (ISC)2 Guide to the CISSP(R)-ISSMP(R) CBK
Set to be published 22nd May 2009.
I am the author of the "Law, Investigations, Forensics and Ethics" domain.

Cisco Router and Switch Forensics
Set to be published in early 2009, this book deals with the issues surrounding the forensic analysis of Cisco network devices. I am the author of the chapter on collecting volitile data from Cisco Routers.

Mobile Malware Attacks and Defense
I wrote the section covering the forensic analysis of MMC (Mobile Malware or Mobile Malicious Code). This is the best Book for Analyzing and Mitigating Mobile Malicious Code!

The IT Regulatory and Standards Compliance Handbook: How to Survive Information Systems Audit and Assessments (Paperback)

This is my first attempt at a sole publication. I authored the 750+ pages in this book as a technical guide to Information Technology Audit and Compliance. This publication covers Windows, Unix, Databases, the web, laws and planning and about anything else you can thin k of adding.

Check Point NGX R65 Security Administration
This title is a continuation of Syngress' best-selling references on Check Point's market leading Firewall and VPN products.

The Official CHFI Study Guide (Exam 312-49)
This is the first book I co-authored with Dave Kleiman. The other authors (which I am one) include: Jesse "James" Varsalone and Timothy Clinton.
This is the only official, EC-Council-endorsed CHFI (Computer Hacking Forensics Investigator) study guide. It was written for security professionals, systems administrators, IT consultants, legal professionals, IT managers, police and law enforcement personnel studying for the CHFI certification, and professionals needing the skills to identify an intruder's footprints and properly gather the necessary evidence.

Windows NT Security: Step by Step
The SANS Institute SANS Institute © 2001 (Co-Author)
This book is a little dated now with the depreciation of Windows NT but remains the definative guideline for NT security.

“A Comparative analysis of Firewalls” in “The Internet Hot Sheet”
Having been published in Sept 1999 and initially written in 1998, this book is long forgotten. Few people look for the quantitative history of Firewall products a decade ago. But you never know...

The following books are not yet published. These are on the proverbial drawing board and will be completed in the future.

Non-Fiction (Technical)
Finance, Economics and the Security Professional
This is a work in progress. The goal is to create a quantitative framework for modeling IT Security using economics, finance and stochastic control methods (including optimal control estimation). This is still a few years away.

The unified framework modeling book for CIP
This is an ongoing work lead by Bob Radvanovsky' of Infracritical. The expectation is for completion in 2009/2010.


The Alia
This is my first attempt at writing fiction. I do not have a publisher as yet, but I am open to being contacted by one. I have a number of contacts in the technical writing field, but have not found one in the realm of science fiction as yet.