Hello all
I am new to the field and am currently reading and researching as much as I can. I was wondering if anyone can recommend any good books on the field? I have come across a few but the problem is some are expensive (which I don’t mind) and I don’t want to buy something that it turns out is no longer relevant or not overly informative.
Someone has recommended Forensic Computing A Practitioner's Guide that I intend on getting but anything else you can suggest would be greatly appreciated.
Many thanks.
I would say it depends on what subject. For example Carrier's book on File System Analysis is one of my references, however if you want a book on network forensics it would not be appropriate. Harlan Carvey writes great books on Windows Forensic Analysis, however if you are looking for a book on Mac OSX his books would not be what someone might recommend.
Have you had a chance to review the books under "Education" at the bottom of the page?
If you can narrow your focus I am sure you will get better responses.
I had the same question when I first entered the field and even more so when I first started my academic path. I bought a lot of books and did at first wonder if I would ever use them. So far, they have all been useful and helped me find areas I didn't even consider previously, including social engineering etc.
Forensic Focus have a selection of recommended texts at the links below -
UK - http://www.forensicfocus.com/computer-forensics-books-uk
US - http://www.forensicfocus.com/computer-forensics-books-us
I have created my own list of the texts which are on my own bookshelf -
UK - http//
US - http//
However it does help to have an idea which area you want to focus on, such as -
Windows Forensics
Incident Response
Mobile Forensics & Cell Site Analysis
Network Forensics
Compliance and Governance
Mac Forensics
Good luck!
If money is an issue, go with white papers.
I get most of mine from various blogs, forensic focus, SANS, as well as good searches for whatever topic I am studying.
You don't need to buy a book to get knowledge. Remember, the material you find in books today was probably in a white paper previously.
I agree with twjolson. Whenever a book is published it's already at least 12 months out of date if not more. At least with whitepapers you get more current information.
I too use -
Forensic Focus
SANS
Twitter is also a good source for the occasional nugget of information and a link that leads you to something juicy.
There are also a host of podcasts for when you don't have the time or inclination to read a load of text and just want the highlights.
If money is an issue, go with white papers.
I get most of mine from various blogs, forensic focus, SANS, as well as good searches for whatever topic I am studying.
You don't need to buy a book to get knowledge. Remember, the material you find in books today was probably in a white paper previously.
I (respectfully) disagree.
The "basics" you cannot get through a number of various, often controversial or however unorganized/random sources.
Someone "new" to the field will *need* some base books (sure some info might be not-updated-to-the-last-find, but rarely it will become actually "completely" outdated) because in a book there is an Author which talks of topics in a given order and provides a structure to the info, these structures won't get outdated.
Speaking of MS filesystems and operating systems, from time to time I find something of use in books written for NT 3.5 or NT 4.0 that is still valid "as is" or a same given *something* has been replaced by *something else*.
Of course it makes little sense to study info about a device that you will never see, but the "general" or "fundamentals" won't change that much.
jaclaz
Thank you for all the suggestions. I am focusing mainly on Windows forensics for now but would very much like to branch out into mobile, specifically Android.
I had completely missed the forensic focus recommended books, that is a great help.
I read white papers as often as I can, forensic focus and tech republic are my current goto’s.
I have created my own list of the texts which are on my own bookshelf -
UK - http://www.forhacsec.com/toolbox/bookshelf-uk/
US - http://www.forhacsec.com/toolbox/bookshelf-us/
There is some really interesting looking stuff on your list, I have one or two of the hacking exposed series already that I frequently refer to as well as a couple of Mitnick books.
I will definitely be looking at some of Andrew Hogg's.
Thank you
Thanks.
I've found all the books I put on there very useful and although some are on very similar topics, at the very least they provide an additional source, with an ever so slight difference of opinion when citing as references in papers and reports which can really aid in getting your point across.
I enjoy the Mitnick books as although there's still stuff to learn it's in a more flowy format and makes a welcome change and provides an 'easier' read every now and then.
Hope you find them of some use. If you find any which aren't on there and you recommend let me know.