Leanpub Header

Skip to main content

Security Engineering Masterclass

This book is 100% completeLast updated on 2026-07-03
Security engineering is about building systems that continue to work when things go wrong. This book brings together the principles, tools, and practical techniques used to design secure applications, infrastructure, and operations at scale. From threat modeling and cryptography to cloud security, incident response, and compliance, it provides a clear path through the concepts and decisions that…

Minimum price

$19.00

$29.00

You pay

Author earns

$

Also available for 1 book credit with a Reader Membership

PDF
EPUB
About

About

About the Book

Security engineering is the discipline of building systems that survive in hostile environments. It sits at the intersection of deep technical knowledge, systematic risk thinking, and practical implementation. This book takes you from first principles through advanced architecture, cryptography, DevSecOps, detection and response, compliance, and the emerging threats reshaping our field. Whether you are starting your security career or sharpening your expertise after years in the trenches, this guide provides the frameworks, case studies, hands-on exercises, and reference material you need to think like an engineer and defend like one. Every chapter includes actionable checklists, real-world examples drawn from major breaches, and concrete implementation guidance grounded in current standards such as NIST SP 800-series, OWASP, MITRE ATT&CK, ISO 27001, PCI DSS v4.0, and GDPR.

Share this book

Bundle

Bundles that include this book

Author

About the Author

Steve T. Publications

Steve T. is a cybersecurity leader, researcher, and engineer with more than 20 years of experience across application security, infrastructure security, vulnerability management, software development, and secure engineering practices. Having built his career alongside the growth of the modern internet, he has worked through multiple generations of technology, evolving security threats, and changing development methodologies.

He is currently part of the advanced research organization at a leading cybersecurity company, where he focuses on emerging threats, security innovation, and the practical application of research. His work involves investigating new attack techniques, evaluating emerging technologies, conducting deep technical analysis, and helping organizations better understand and manage complex security risks.

In addition to his research responsibilities, Steve leads a team of senior engineers and subject matter experts who create technical books, training programs, and educational resources for security professionals. Through this work, he helps engineers, developers, architects, and security practitioners strengthen their skills and build more secure systems.

Steve's technical expertise spans software development, reverse engineering, web application security, penetration testing, security architecture, incident response, vulnerability research, operating system internals, and secure software development. His ability to analyze systems at both the source code and binary levels enables him to bridge the worlds of software engineering, security research, and practical defense.

Over the course of his career, Steve has worked with organizations across a wide range of industries, helping them identify, assess, and remediate security weaknesses in critical applications and infrastructure. He is recognized for combining deep technical expertise with a pragmatic approach to security, focusing on solutions that are effective, sustainable, and aligned with business goals.

Through his work in research, engineering, leadership, and education, Steve continues to contribute to the advancement of cybersecurity and the development of secure, resilient technology systems.

Contents

Table of Contents

The Complete Guide to Building, Protecting, and Operating Modern Systems

  1. About This Book

Introduction: The Security Engineer’s Mindset

  1. Why Security Engineering Matters Now
  2. How to Use This Book
  3. The Security Engineer’s Toolkit
  4. A Note on Scope and Limitations

Chapter 1: Foundations of Information Security

  1. The CIA Triad and Extended Security Properties
  2. The Attacker’s Perspective: Motivations, Capabilities, and Resources
  3. Defense in Depth and Layered Security
  4. The Security Engineering Lifecycle
  5. Security vs. Usability Trade-Offs
  6. Checklists and Best Practices

Chapter 2: Threat Modeling and Risk Assessment

  1. What Is Threat Modeling and Why It Matters
  2. STRIDE Methodology
  3. PASTA: A Risk-Centric Approach
  4. Attack Trees, Data Flow Diagrams, and Attack Surfaces
  5. Risk Assessment: DREAD, FAIR, and Qualitative vs. Quantitative
  6. Hands-On: Threat Modeling a Real Application Architecture
  7. Common Pitfalls and Anti-Patterns
  8. Checklists and Best Practices

Chapter 3: Secure Architecture and Design Principles

  1. Security by Design and Privacy by Design
  2. Core Engineering Principles
  3. Zero Trust Architecture
  4. Micro-Segmentation and Zone-Based Security
  5. Case Study: Designing a Secure Multi-Tier Web Application
  6. Checklists and Best Practices

Chapter 4: Applied Cryptography for Engineers

  1. Symmetric Encryption: AES and ChaCha20
  2. Asymmetric Encryption: RSA and ECC
  3. Hash Functions and Password Hashing
  4. TLS/SSL and Modern Transport Security
  5. Cryptographic Pitfalls and Implementation Errors
  6. Hands-On: Implementing Secure Key Management
  7. Checklists and Best Practices

Chapter 5: Application Security Engineering

  1. OWASP Top Ten:2025 — Deep Dives
  2. Input Validation, Output Encoding, and Context-Aware Security
  3. Secure Coding Practices Across Languages
  4. API Security
  5. Dependency and Supply Chain Security
  6. Hands-On: Code Review Exercise
  7. Checklists and Best Practices

Chapter 6: Cloud and Infrastructure Security

  1. The Shared Responsibility Model
  2. IAM in the Cloud
  3. Container and Kubernetes Security
  4. Infrastructure as Code Security
  5. Cloud-Native Security Tools
  6. Hands-On: Securing a Cloud Deployment with IaC
  7. Checklists and Best Practices

Chapter 7: Identity and Access Management

  1. Authentication Mechanisms
  2. Authorization Models
  3. Single Sign-On, SAML, OAuth 2.0, and OpenID Connect
  4. Identity Federation and Directory Services
  5. Privileged Access Management
  6. Hands-On: Designing an IAM Architecture
  7. Checklists and Best Practices

Chapter 8: Network Security Engineering

  1. Network Architecture Fundamentals
  2. Firewalls: Stateful, Next-Generation, and WAF
  3. Intrusion Detection and Prevention Systems
  4. DNS Security
  5. DHCP Security
  6. Wireless Security
  7. Segmenting Networks
  8. Hands-On: Designing a Secure Network Architecture
  9. Checklists and Best Practices

Chapter 9: DevSecOps and Secure Software Development

  1. Integrating Security into CI/CD
  2. SAST, DAST, IAST, and SCA
  3. Security Testing Automation
  4. Shift-Left Security
  5. Hands-On: Building a Secure CI/CD Pipeline
  6. Checklists and Best Practices

Chapter 10: Detection, Response, and Incident Management

  1. Security Monitoring: SIEM, EDR, and XDR
  2. Threat Hunting and Proactive Defense
  3. The Incident Response Lifecycle
  4. Digital Forensics Basics
  5. Tabletop Exercises and Incident Response Playbooks
  6. Hands-On: Responding to a Simulated Breach
  7. Checklists and Best Practices

Chapter 11: Risk Management and Security Governance

  1. Enterprise Risk Management Frameworks
  2. Security Metrics and KPIs/KRIs
  3. Third-Party and Vendor Risk Management
  4. Board-Level Communication
  5. Security Budgeting
  6. Hands-On: Building a Risk Register
  7. Checklists and Best Practices

Chapter 12: Compliance and Regulatory Landscape

  1. Major Frameworks: NIST CSF 2.0, ISO 27001, and SOC 2
  2. HIPAA, PCI DSS v4.0, and GDPR
  3. Audit Preparation and Evidence Collection
  4. Cross-Border Data Flows and Data Sovereignty
  5. Emerging Regulations
  6. Hands-On: Preparing for a SOC 2 Type II Audit
  7. Checklists and Best Practices

Chapter 13: Security Operations and Continuous Improvement

  1. SOC Design and Operations
  2. Vulnerability Management Lifecycle
  3. Patch Management Strategies
  4. Security Awareness Training
  5. Red Team, Blue Team, and Purple Team
  6. Hands-On: Designing a Vulnerability Management Program
  7. Checklists and Best Practices

Chapter 14: Emerging Threats and the Future of Security Engineering

  1. AI and Machine Learning in Attacks and Defense
  2. Post-Quantum Cryptography
  3. Supply Chain Attacks
  4. Ransomware Evolution
  5. State-Sponsored Cyber Warfare
  6. The Future of Autonomous Response
  7. Checklists and Best Practices

Chapter 15: Real-World Case Studies

  1. Equifax (2017): Unpatched Vulnerability, Delayed Response
  2. Colonial Pipeline (2021): Ransomware, Operational Impact
  3. SolarWinds Orion (2020): Supply Chain Attack
  4. LastPass (2022): Encrypted Vault Compromise
  5. 23andMe (2023): Credential Stuffing and API Abuse
  6. Hands-On: Post-Incident Analysis Exercise
  7. Checklists and Best Practices

Chapter 16: Career Development and Interview Preparation

  1. Security Engineering Skill Matrix and Career Paths
  2. Certifications: CISSP, OSCP, GSEC, and More
  3. Building a Security Portfolio
  4. Technical Interview Preparation
  5. Behavioral Interview Strategies
  6. Continuous Learning
  7. Checklists and Best Practices

Conclusion: The Security Engineer’s Operating Manual

  1. The Security Engineer’s Operating Manual
  2. The Through-Line: From Technical Practice to Career Strategy

References

Get the free sample chapters

Click the buttons to get the free sample in PDF or EPUB, or read the sample online here

The Leanpub 60 Day 100% Happiness Guarantee

Within 60 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.

See full terms...

Earn $8 on a $10 Purchase, and $16 on a $20 Purchase

We pay 80% royalties on purchases of $7.99 or more, and 80% royalties minus a 50 cent flat fee on purchases between $0.99 and $7.98. You earn $8 on a $10 sale, and $16 on a $20 sale. So, if we sell 5000 non-refunded copies of your book for $20, you'll earn $80,000.

(Yes, some authors have already earned much more than that on Leanpub.)

In fact, authors have earned over $15 million writing, publishing and selling on Leanpub.

Learn more about writing on Leanpub

Free Updates. DRM Free.

If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).

Most Leanpub books are available in PDF (for computers) and EPUB (for phones, tablets and Kindle). The formats that a book includes are shown at the top right corner of this page.

Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.

Learn more about Leanpub's ebook formats and where to read them

Write and Publish on Leanpub

You can use Leanpub to easily write, publish and sell in-progress and completed ebooks and online courses!

Leanpub is a powerful platform for serious authors, combining a simple, elegant writing and publishing workflow with a store focused on selling in-progress ebooks.

Leanpub is a magical typewriter for authors: just write in plain text, and to publish your ebook, just click a button. (Or, if you are producing your ebook your own way, you can even upload your own PDF and/or EPUB files and then publish with one click!) It really is that easy.

Learn more about writing on Leanpub