Review: Threats: What Every Engineer Should Learn From Star Wars

Threats: What Every Engineer Should Learn From Star Wars by Adam Shostack

My rating: 3 of 5 stars

A reminder that I use the tooltips on GR and 3 stars is “I liked it”

This book doesn’t have nearly as much Star Wars as I was hoping for, but the Star Wars aspect still helps a lot. Let me illustrate what I was expecting and what I got. What I was expecting is for a book that would follow one or more Star Wars movies and discuss the security issues in each scene (if the scene had any); basically like the Star Wars and Philosophy books that the author mentions in the acknowledgments section. What Shostack does instead is use specific moments in Star Wars to illustrate concepts in a a book that reads like a more entertaining version of the CISSP certification study book. That is to say, it’s not dry, but it’s also WAY more technical than you might expect from the title itself. (Or the trailer for the book)

Now, I’ve worked in the computer security field for my entire career, so the technical nature didn’t bother me, but I was looking for something a little lighter. That said, despite my career Shostack was still able to get me to see things in a different light thanks to his examples. I learned a lot – and I think that’s one of the better praises an author can get.

If you’re in the INFOSEC field and are a Star Wars fan, I strongly recommend. If you’re just a Star Wars fan, I think you’ll probably find most of it boring.

View all my reviews