Tuition fee EU nationals (2025/2026)
3500.00 €Programme Structure for 2025/2026
| Curricular Courses | Credits | |
|---|---|---|
| 1st Year | ||
|
System Security and Resilience Verification
6.0 ECTS
|
Mandatory Courses | 6.0 |
|
Security and Resilience of Infrastructures and Communication Networks
6.0 ECTS
|
Mandatory Courses | 6.0 |
|
Software and Application Security and Resilience
6.0 ECTS
|
Mandatory Courses | 6.0 |
|
Cyber-risk Management for Resilience
6.0 ECTS
|
Mandatory Courses | 6.0 |
|
Human Factor in Cybersecurity and Resilience
6.0 ECTS
|
Mandatory Courses | 6.0 |
|
Incidentes de Cibersegurança e Resiliência
6.0 ECTS
|
Mandatory Courses | 6.0 |
|
Fundamentals of Cybersecurity and Resilience Management
6.0 ECTS
|
Mandatory Courses | 6.0 |
|
Cryptography for Cybersecurity and Resilience
6.0 ECTS
|
Mandatory Courses | 6.0 |
|
Security Architectures and Zero-Trust Models
6.0 ECTS
|
Mandatory Courses | 6.0 |
System Security and Resilience Verification
LO1: Understand the importance of systems security verification and validation.
LO2: Familiarize with security assessment methodologies and frameworks.
LO3: Develop skills in system auditing and identifying vulnerabilities.
LO4: Learn how to conduct penetration testing and scoping tests.
LO5: Acquire knowledge of penetration testing methodologies and tools, for different types of systems and applications.
PC1: Introduction to Systems Security Verification and Validation
PC2: Security Assessment Methodologies
PC3: System Auditing
PC4: Penetration Testing Fundamentals
PC5: Penetration Testing Methodologies
PC6: Wired and Wireless Networks Security Testing
PC7: Web and Mobile Applications Security Testing
PC8: Reporting and Remediation
Periodic assessment:
Completion of several mini-assessment tests throughout the semester, counting a total of 30% for the final assessment - each mini-test has a minimum grade of 8. Realisation of a set of proposed practical group activities (laboratories), which count for 40% for the final assessment. Realisation of a final collaborative project (in group) with final presentation. The project will have a total weighting of 30%, where the presentation will have a weighting of 10%.
Assessment by exam (1st Season, 2nd Season):
Face-to-face exam (100% of the final grade)
Weidman, G., Penetration Testing: A Hands-On Introduction to Hacking, 2014, (1st edition). No Starch Press
Sharma, H., & Singh, H., Hands-On Red Team Tactics: A practical guide to mastering Red Team operations, 2018, Packt Publishing
Sehgal, K., & Thymianis, N., Cybersecurity Blue Team Strategies: Uncover the secrets of blue teams to combat cyber threats in your organization, 2023, Packt Publishing
Rehberger, J., Cybersecurity Attacks – Red Team Strategies: A practical guide to building a penetration testing program having homefield advantage, 2020, Packt Publishing
Oriyano, S.-P., Penetration Testing Essentials, 2016, (1st edition). Sybex
Engebretson, P., The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy, 2013, (2nd edition). Syngress
Diogenes, Y., & Ozkaya, D. E., Cybersecurity - Attack and Defense Strategies: Infrastructure security with Red Team and Blue Team tactics, 2018, Packt Publishing
II, W. E., Penetration Testing Fundamentals: A Hands-On Guide to Reliable Security Audits, 2018, (1st edition). Pearson IT Certification
Tanner, N. H., Cybersecurity Blue Team Toolkit, 2019, (1st edition). Wiley
GSE, D. M., Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder. (Incident Response ed. edition), 2014, CreateSpace Independent Publishing Platform
Don Murdoch, G. #99, Blue Team Handbook: SOC, SIEM, and Threat Hunting (V1.02): A Condensed Guide for the Security Operations Team and Threat Hunter, 2019, Independently published
Security and Resilience of Infrastructures and Communication Networks
LO1: Analyze the differences between on-premises, cloud-based, community, and hybrid infrastructures.
LO2: Analyze different types of communication networks used by industry.
LO3: Analyze types of cybersecurity threats in a holistic way, and specify the challenges associated with them.
LO4: Analyze for each type of infrastructure and communication network the associated cybersecurity risks and threats.
LO5: Analyze for each type of infrastructure and communication network the most common techniques to mitigate the risks associated with cybersecurity.
PC1: Information Systems and Communication Networks Infrastructures.
PC2: Network Security Technologies.
PC3: Distributed Systems Security.
PC4: Industrial Control Systems (ICS).
PC5: Security of Operating Systems, Cloud and Virtualized.
PC6: Security of Internet of Things (IoT) Systems
PC7: New Trends for Infrastructure and Network Security
Periodic assessment:
Completion of several mini-assessment tests throughout the semester, counting a total of 30% for the final assessment - each mini-test has a minimum grade of 8. Realisation of a set of proposed practical group activities (laboratories), which count for 40% for the final assessment. Realisation of a final collaborative project (in group) with final presentation. The project will have a total weighting of 30%, where the presentation will have a weighting of 10%.
Assessment by exam (1st Season, 2nd Season):
Face-to-face exam (100% of the final grade)
Josyula, V., Orr, M., Page, G., Cloud Computing: Automating the Virtualized Data Center, 2012, Cisco Press
Smith, J., Nair, R., The Architecture of Virtual Machines, 2005, IEEE
“Elasticity in Cloud Computing: What It Is, and What It Is Not”, in Proceedings of the 10th International Conference on Autonomic Computing (ICAC 2013), San Jose, June 24–28
Buyya, R., Broberg, J, Goscinski, A., Cloud Computing Principles and Paradigms, 2011, Wiley & Sons, 2011
Prentice-Hall, Cloud Computing: Concepts, Technology & Architecture, 2014, Earl, T., Puttini, R., Mahmood, Z.
Hwang, K., Fox, G., and Dongarra, J., Distributed and Cloud Computing (From Parallel Processing to the Internet of Things), 2011, Elsevier
Software and Application Security and Resilience
LO1: Identify and analyze vulnerabilities and threats in software and applications used in organizations, and understand the risks they pose to security and resilience.
LO2: Learn to apply secure coding practices to develop software and applications, considering different development methodologies and stages of the software development life cycle (SDLC).
LO3: Evaluate and implement security measures to mitigate vulnerabilities and address risks specific to web, mobile, cloud, and enterprise applications.
LO4: Learn to use security testing techniques and tools to assess the security posture of software and applications, including dynamic and static analysis, penetration testing, and code review.
LO5: Know and learn to integrate security and resilience considerations into the software development life cycle (SDLC), ensuring that software and applications are designed, developed, and maintained with a strong focus on security and resilience against potential attacks and risks.
PC1: Introduction to Software and Application Security
PC2: Software Development Processes and Security
PC3: Security of Web Applications
PC4: Security of Mobile Applications
PC5: Security of Cloud Applications
PC6: Security of Enterprise Applications
PC7: Software Security Testing and Assessment
PC8: Secure and Resilient Software Maintenance and Patch Management
PC9: Incident Response and Recovery in Software and Applications
PC10: Secure and Resilient Software Development Lifecycle
The Software and Applications Security and Resilience CU will adopt as core teaching and learning methodology Problem-Based Learning combined with Project-Based Learning. Gamification will be used as a strategy for student motivation and engagement. This pedagogical approach is articulated with the ISCTE pedagogical model because the student is considered an active agent in his learning process, knowledge is worked as a tool for the construction and development of more knowledge and is applied in various contexts.
BibliographyMarkow M. (2023), Secure, Resilient, and Agile Software Development, 2023, Auerbach Publications. ISBN: 978-1032475011
Schagaev, I., Zouev, E., & Thomas, K. (2019), Software Design for Resilient Computer Systems, 2019, (2nd edition). Springer
(1st edition). Addison-Wesley Professional, Cyber Security Engineering: A Practical Approach for Systems and Software Assurance, 2016, Mead, N. R., & Woody, C. (2016)
(1st edition). Addison-Wesley Professional, Software Security: Building Security In, 2006, McGraw, G. (2006)
Kohnfelder, L., Designing Secure Software: A Guide for Developers, 2021, No Starch Press
Howard, M., LeBlanc, D., & Viega, J., 24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them, 2009, (1st edition). McGraw Hill
Hoffman, A., Web Application Security: Exploitation and Countermeasures for Modern Web Applications, 2020, (1st edition). O’Reilly Media
Harwood, M., & Price, R., Internet and Web Application Security, 2022, (3rd edition). Jones & Bartlett Learning
Hughes C., Turner T., Springett S., Friedman A., Software Transparency: Supply Chain Security in an Era of a Software-Driven Society, 2023, Wiley. ISBN: 978-1394158485
Shortridge K., Rinehart A., Security Chaos Engineering: Sustaining Resilience in Software and Systems, 2023, O'Reilly Media. ISBN: 978-1098113827
Stuttard, D., & Pinto, M., The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws, 2011, (2nd edition). Wiley
Wyk, K. R. V., Graff, M. G., Peters, D. S., & Ph.D, D. L. B., Enterprise Software Security: A Confluence of Disciplines, 2014, (1st edition). AddisonWesley Professional
Merkow, M. S., & Raghavan, L., Secure and Resilient Software: Requirements, Test Cases, and Testing Methods, 2012, (1st edition). Auerbach Publications
Cyber-risk Management for Resilience
LO1: Understand the fundamental concepts, frameworks, and best practices in cybersecurity risk management.
LO2: Identify and assess cybersecurity risks within organizational contexts, considering specific threats and vulnerabilities.
LO3: Develop risk mitigation strategies tailored to an organization's posture and objectives, including the implementation of controls and countermeasures.
LO4: Implement security monitoring practices and utilize threat intelligence to proactively detect and respond to emerging threats.
LO5: Comprehend the role of governance, risk, and compliance (GRC) in cybersecurity risk management and adhere to relevant compliance frameworks and regulations.
LO6: Apply the knowledge and skills acquired to conduct a comprehensive cybersecurity risk assessment for an organization.
PC1: Principles of Cybersecurity Risk Management and Resilience
PC2: Risk Identification and Assessment
PC3: Risk Analysis and Mitigation Strategies
PC4: Security Controls and Countermeasures
PC5: Security Governance and Compliance
PC6: Supply Chain Risk Management
PC7: Risk Monitoring and Communication
PC8: Emerging Trends and Future Challenges in Risk Management
PC9: Risk Management Plan and Case Studies
The UC Cyber-risk Management for Resilience will adopt as core teaching and learning methodology Task-Based Learning, combined with Project-Based Learning and Problem-Based Learning. Gamification will be used as a strategy for student motivation and engagement. This pedagogical approach is articulated with the ISCTE pedagogical model because the student is considered an active agent in his learning process, knowledge is worked as a tool for the construction and development of more knowledge and is applied in various contexts.
BibliographyWheeler, E., Security Risk Management: Building an Information Security Risk Management Program from the Ground Up, 2011, (1st edition). Syngress
Talabis, M., & Martin, J., Information Security Risk Assessment Toolkit: Practical Assessments through Data Collection and Data Analysis, 2012, (1st edition). Syngress
Freund, J., & Jones, J., Measuring and Managing Information Risk: A FAIR Approach, 2014, (1st edition). Butterworth-Heinemann.
Calder, A., & Watkins, S., IT Governance: An International Guide to Data Security and ISO 27001/ISO 27002, 2019, (7th edition). Kogan Page
Brumfield, C., Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework, 2021, (1st edition). Wiley.
Human Factor in Cybersecurity and Resilience
LO1: Understand the importance of the human factor in cybersecurity
LO2: Familiarize with the psychology of cyberattacks
LO3: Distinguish social engineering techniques in cybersecurity
LO4: Identify human error in cybersecurity and evaluate awareness campaigns within organizations
LO5: Reflect on ethical issues related to the human factor in cybersecurity
LO6: Critically analyze emerging approaches in cybersecurity awareness and organizational resilience
PC1. Psychology of human behavior and cybersecurity
Technology, people, and security
Beliefs, attitudes, and behaviors
Importance of the human factor
Vulnerabilities and threats
PC2. Cyberattacks
Psychological profiles of hackers and cybercriminals
Security policies in organizations
Safe use of social networks and digital media
PC3. Social Engineering and Psychological Manipulation Techniques
Social engineering techniques
Recognition and response to manipulation attempts (phishing, spear-phishing, etc.)
Behavioral psychology in social engineering
PC4. Human error and awareness campaigns
Types of human error and mitigation measures
Psychological aspects in responding to cybersecurity incidents
Role of leadership in cybersecurity
Awareness campaigns
PC5. Future trends and challenges
Challenges in cybersecurity and the human factor
Ethical issues related to human-centric cybersecurity
Innovative approaches to improving awareness and cyber resilience
Periodic Assessment (only available in 1st Season):
Analysis of 2 case studies throughout the semester: one individual and one in group. Each case study analysis (to be developed with a predefined structure by the instructor) and its respective discussion carry a weight of 35% towards the final grade, with a minimum grade of 8 points. The average grade of the two case study analyses must be equal to or greater than 9.5 points.
Completion of 2 mini-assessment tests throughout the semester, each with a minimum grade of 8 points. Each test contributes 15% towards the final grade.
Assessment by exam (1st Season, 2nd Season): Face-to-face exam (100% of the final grade)
Gheorghe A., Katina P., Gamification for Resilience: Resilient Informed Decision Making, 2023, Wiley. ISBN: 978-1394157747
Advances in Human Factors in Cybersecurity. Proceedings of the AHFE 2016 International Conference on Human Factors in Cybersecurity, July 27-31. Florida: Springer.
Hadnagy C., Social Engineering: The Science of Human Hacking, 2018, Wiley ISBN: 978-1119433385
Hallas B., Re-Thinking The Human Factor: A Philosophical Approach to Information Security Awareness Behaviour and Culture., 2018, Hallas Institute. ISBN: 978-1999695514
Leukfeldt, R. & Holt, T. J., The Human Factor of Cybercrime, 2019, NY: Routledge
Blokdyk G., Cybersecurity Awareness A Complete Guide. The Art of Service - Cybersecurity Awareness Publishing., 2023, ISBN: 978-1038801517
Gaspar de Matos, M. & Ferreira, M., Nascidos Digitais: Novas Linguagens, Lazer e Dependências., 2013, Lisboa: Coisas de Ler.
Lobato Miranda, G., Psicologia dos Comportamentos Online, 2015, Lisboa: Relógio de Água
Patrão, I. & Leal, I., Intervenção em Ciberpsicologia, 2019, Lisboa: Pactor
Incidentes de Cibersegurança e Resiliência
LO1: Identify and analyze diverse cybersecurity threats, including threat actors and motivations.
LO2: Collect and analyze threat intelligence to assess cybersecurity risks.
LO3: Implement advanced threat hunting and detection techniques.
LO4: Develop effective incident response plans and frameworks.
LO5: Understand how to conduct thorough investigations of cybersecurity incidents using forensic techniques.
LO6: Utilize incident response tools and technologies for detection and containment.
LO7: Execute incident response processes, including triage, communication, and post-incident activities.
PC1: Introduction to Cybersecurity Threats and Incidents
PC2: Collection and Analysis of Threat Intelligence
PC3: Threat Hunting and Detection
PC4: Incident Response Planning
PC5: Incident Detection and Monitoring
PC6: Incident Handling and Containment
PC7: Resilience and Recovery
PC8: Ethical and Legal Aspects of Cybersecurity Incidents
PC9: Incident Response Team Collaboration
PC10: Case Studies and Real-World Scenarios
Periodic assessment:
Completion of 2 mini-assessment tests throughout the semester, each with a minimum score of 8, each counting 15% towards the final grade. Completion of 4 group laboratories, each of which will count for 10% of the final grade. Carry out a final collaborative project (in group) with a final presentation. The project will have a total weighting of 30%, whereas the presentation will have a weighting of 10%.
Assessment by exam (1st Season, 2nd Season):
Face-to-face exam (100% of the final grade)
Wilhoit, K., & Opacki, J., Operationalizing Threat Intelligence: A guide to developing and operationalizing cyber threat intelligence programs, 2022, Packt Publishing
Martinez, R., Incident Response with Threat Intelligence: Practical insights into developing an incident response capability through intelligence-based threat hunting, 2022, Packt Publishing
Johansen, G., Digital Forensics and Incident Response: Incident response tools and techniques for effective cyber threat response, 3rd Edition (3rd ed. edition), 2022, Packt Publishing
Dahj, J. N. M., Mastering Cyber Intelligence: Gain comprehensive knowledge and skills to conduct threat intelligence for effective system defense, 2022, Packt Publishing
Costa-Gazcon, V., Practical Threat Intelligence and Data-Driven Threat Hunting: A hands-on guide to threat hunting with the ATT&CK™ Framework and open source tools, 2021, Packt Publishing
Roccia, T., Visual Threat Intelligence: An Illustrated Guide For Threat Researchers, 2023, Independently published
Roberts, A., Cyber Threat Intelligence: The No-Nonsense Guide for CISOs and Security Managers, 2021, (1st ed. edition). Apress
Johansen, G., Digital Forensics and Incident Response: Incident response techniques and procedures to respond to modern cyber threats, 2020, 2nd Edition, Packt Publishing
(A. Dehghantanha, M. Conti, & T. Dargahi, Eds.; 1st ed. 2018 edition), Cyber Threat Intelligence, 2018, Springer
Altheide, C., & Carvey, H., Digital Forensics with Open Source Tools, 2011, (1st edition). Syngress
Fundamentals of Cybersecurity and Resilience Management
LO1: Understand the fundamental concepts and terminologies of cybersecurity and cyber resilience.
LO2: Recognize the strategic alignment between cybersecurity and organizational goals and strategies.
LO3: Gain knowledge of key cybersecurity reference frameworks, standards, and regulatory requirements.
LO4: Develop skills in cybersecurity governance, risk assessment, and management.
LO5: Learn to measure and monitor security controls using relevant metrics and key performance indicators (KPIs).
LO6: Stay updated with emerging trends, technologies, and challenges in cybersecurity and resilience.
PC1: Introduction to Cybersecurity and Cyber Resilience
PC2: Cybersecurity Frameworks and Standards
PC3: Regulatory and Legislative Framework for Cybersecurity
PC4: Concepts of Cybersecurity and Cyber-resilience Management
PC5: Strategic Alignment of Cybersecurity with Organisational Strategy
PC6: Cybersecurity Governance, Policies and Risk Management
PC7: Cybersecurity Metrics and Performance Management
PC8: Emerging Trends and Future Directions
In the first week of the academic year, the student indicates whether he/she wants to be assessed in Season 1, in the periodic assessment modality or by exam.
Periodic assessment (only available in Season 1):
A series of mini-tests will be held throughout the semester, each with a minimum grade of 8, which will account for 50% of the final grade. A final project will be presented, which will account for 50% of the final grade.
Assessment by exam (Season 1 in case of student's choice, Season 2 and Special Season):
Face-to-face exam (100% of the final grade)
Wong, C., Security Metrics, a Beginner’s Guide, 2011, (1st edition). McGraw Hill
Wens, C. van der., ISO 27001 Handbook: Implementing and auditing an Information Security Management System in small and medium-sized businesses, 2019, Independently published
Trim, D. P., & Lee, D. Y.-I., Cyber Security Management: A Governance, Risk and Compliance Framework, 2014, (1st edition). Gower
Siegel, C. A., & Sweeney, M., Cyber Strategy: Risk-Driven Security and Resiliency, 2020, (1st edition). Auerbach Publications
Petrenko, S., Cyber Resilience, 2022, (1st edition). River Publishers
Hodson, C. J., Cyber Risk Management: Prioritize Threats, Identify Vulnerabilities and Apply Controls, 2019, (1st edition). Kogan Page
Calder, A., NIST Cybersecurity Framework: A pocket guide, 2018, ITGP
Brumfield, C., Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework, 2021, (1st edition). Wiley
Cryptography for Cybersecurity and Resilience
LO1: Identify the main current cryptographic mechanisms, algorithms and protocols.
LO2: Understand the role of cryptography in cybersecurity and resilience of data, information and systems.
LO3: Determine the main threats and attacks to cryptography and learn how to mitigate them. Develop solutions based on cryptographic mechanisms and protocols.
LO4: Identify cybersecurity and resilience problems and apply cryptography to solve them.
LO5: Understand the future challenges of cryptography and their impact on cybersecurity and resilience. Develop the solutions.
PC1: Introduction and Fundamentals of Modern Cryptography
PC2: Mechanisms and Algorithms of Symmetric Cryptography
PC3: Mechanisms and Algorithms of Asymmetric Cryptography
PC4: Cryptographic Applications and Protocols
PC5: Cryptographic Vulnerabilities and Countermeasures
PC6: Advanced Cryptography Topics
PC7: Applications of Cryptography for Cyber Resilience
PC8: Case Studies and Practical Applications
Periodic assessment:
Completion of 2 mini-assessment tests throughout the semester, each with a minimum score of 8, each counting 15% towards the final grade. Completion of 4 laboratories, each of which will count for 10% of the final grade. Carrying out a final collaborative project (in group) with a final presentation. The project will have a total weighting of 30%, whereas the presentation will have a weighting of 10%.
Assessment by exam (1st Season, 2nd Season):
Face-to-face exam (100% of the final grade)
Paar C., Pelzl J., Preneel B., Understanding Cryptography: A Textbook for Students and Practitioners, 2014, Springer. ISBN: 978-3642446498.
Tilborg H., Jajodia S., Encyclopedia of Cryptography and Security, 2011, Springer. ISBN: 978-1441959058.
Aumasson J., Serious Cryptography: A Practical Introduction to Modern Encryption, 2017, No Starch Press. ISBN: 978-1593278267.
Bertaccini M., Cryptography Algorithms: A guide to algorithms in blockchain, quantum cryptography, zero-knowledge protocols, and homomorphic encryption, 2022, Packt Publishing. ISBN: 978-1789617139
Stallings W., Cryptography and Network Security - Principles and Practice, 2022, Pearson. ISBN: 978-0-13-670722-6.
Stinson D. R., Paterson M., Cryptography: Theory and Practice, 2019, Chapman and Hall/CRC. ISBN: 978-1138197015.
Nielson S. J., Monson C., Practical Cryptography in Python: Learning Correct Cryptography by Example, 2019, ISBN: 978-1484248997
Bray S., Implementing Cryptography Using Python, 2020, Wiley. ISBN: 978-1119612209.
Security Architectures and Zero-Trust Models
LO1: Understand the concept of security architectures and their role in modern cybersecurity and resilience.
LO2: Evaluate traditional security models and identify their strengths, weaknesses, and limitations.
LO3: Explain the principles and components of Zero-Trust architecture and its application in cybersecurity and resilience.
LO4: Learn the principles of designing and implementing Zero-Trust architectures.
LO5: Learn to apply Zero-Trust principles to cloud security, endpoint security, identity and access management, and data security.
LO6: Understand how to develop strategies for implementing Zero-Trust incident response techniques.
PC1: Introduction to Security Architectures
PC2: Traditional Security Models
PC3: Zero-Trust Principles
PC4: Implementing Zero-Trust Models
PC5: Zero-Trust and Cloud Security
PC6: Zero-Trust and Endpoint Security
PC7: Zero-Trust and Identity and Access Management (IAM)
PC8: Zero-Trust and Data Security
PC9: Zero-Trust and Incident Response
PC10: Zero-Trust Implementation Challenges and Future Trends
Periodic assessment:
Completion of two assessment tests throughout the semester, each with a minimum score of 8 points, counting 30% towards the final grade. Completion of individual and collaborative activities proposed throughout the semester, counting 30% towards the final grade. Carrying out a final collaborative project (in group) with a final presentation. The project will have a total weight of 40%, whereas the presentation will have a weight of 10%.
Assessment by exam (1st Season, 2nd Season):
Face-to-face exam (100% of the final grade)
Sherwood, N., Enterprise Security Architecture: A Business-Driven Approach, 2021, (1st edition). CRC Press.
Moyle, E., & Kelley, D., Practical Cybersecurity Architecture: A guide to creating and implementing robust designs for cybersecurity architects., 2020, Packt Publishing.
King, C., Osmanoglu, E., & Dalton, C., Security Architecture: Design, Deployment and Operations, 2001, (First Edition). McGraw-Hill Osborne Media.
Green-Ortiz, C., Fowler, B., Houck, D., Hensel, H., Lloyd, P., McDonald, A., & Frazier, J., Zero Trust Architecture, 2023, (1st edition). Cisco Press.
Finney, G., & Kindervag, J., Project Zero Trust: A Story about a Strategy for Aligning Security and the Business, 2022, (1st edition). Wiley.
Das, R., The Zero Trust Framework, 2023, (1st edition). CRC Press.
Ijlal, T., Zero Trust Security for Beginners: A no-fluff guide to implementing Zero Trust architecture using NIST, 2023, Independently published.
Gilman, E., & Barth, D., Zero Trust Networks: Building Secure Systems in Untrusted Networks, 2017, (1st edition). O’Reilly Media.