I recently started reading Building Secure and Reliable Systems, which was authored by various folks at Google (some of whom I know). Since my work is at the intersection of so much of this — reliable logging systems which must also be secure, it’s an interesting read.
In my experience, the most challenging part about securing our systems are the constant trade-offs one needs to make. Since no system can be made 100% secure, knowing where the marginal risk is no longer worth addressing is quite difficult — I’m hoping this book improves my ability to make these trade-offs correctly.