Just finished reading Kevin Mitnick's 'The art of intrusion'. Took me ages to read as I don't think it was well written however did have some good stories in. Now im looking for my next read and don't know what to buy...

Im looking for a book to either expand my knowledge on web application security or the information security industry.

Here's what ive been looking at...

Web Hacking - By Stuart McClure, Saumil Shah
http://books.google.com/books?id=wL7RYFTuaVUC

and/or

InfoSec career hacking - By Aaron W. Bayles, Ed Brindley, James C. Foster, Chris Hurley, Johnny Long
http://books.google.com/books?id=HXbgHQUjPfgC

Can any one tell me if these are good buys or recommend other books that might interest me?!

Thanks in advance!

I just got a copy of the Web Security Testing Cookbook from O'Reilly the other day:

http://oreilly.com/catalog/9780596514839/index.html

which looks good so far

Seeing that you mention a less technical book in Mitnick's tome as well as wanting a deeper technical knowledge of web app security, that sets a wide range of topics from which to attempt a suggestion. BillV makes great recos for the web app area, so how about something less technical but very thought provoking?

Silence on the Wire by Michal Zalewski

Take a look and let me know what you think,
Don

Right! Ordering the books tomorrow! Im going to go for...

The Web Application Hacker's Handbook

and

Silence on the Wire (if I can find it cheaper than £26 ($45) from amazon uk)

Thank you to everyone for the suggestions, will let you all know what I think of the books once ive finished them.

 

I would also check out the Stealing the Network Series. They mix fiction with tech in some good imaginative ways. I love them.

For Web App stuff id check

http://www.webappsec.org/web_security_books.shtml

They have a good listing of some,

also check OWASP's books, they are free in ebook format!

http://stores.lulu.com/owasp

=)