Being a relative newb to the world of information security, I thought I would do a quick review of Andy Gill's book Breaking into Information Security: Learning the Ropes 101.

Last year when I first started out on this journey, Andy's blog was mentioned to me as good place to start reading to find out more about how to get started in the Industry.  The book is an extension of his already well written blog posts, with lots of extra content covering all the basics you need to be familiar with when getting started in the information security industry.  In each chapter he breaks down the key components down into nice byte sized chunks, making it a super easy read.

For me, the key highlights were chapters that covered Infrastructure, Web Application Testing and importance of reporting your findings to clients.  Andy also helps differentiate penetration testing vs bug bounty hunting, whilst also providing a breakdown of the methodology used in both, highlighting tools and resources used.  Andy has also taken the time to reference all the different tools and various resources mentioned throughout the book for further reading.

Final thoughts

Having met Andy a few times, you can see that his writing style reflects his real life personality. Definitely worth buying and certainly a book that I would recommend.

Available from Leanpub at link below:
Breaking into Information Security: Learning the Ropes 101