Secure Computing Systems

Secure Computing Systems provides a clear, structured introduction to modern system security for postgraduate students, computing students, early-career security professionals, and practitioners who want a stronger foundation in secure development, assessment, defence, incident response, and digital forensics.

Security is not something that can be added at the end of a project. It has to be considered across the whole lifecycle: from requirements and design, through coding and assessment, into live operation, incident handling, and evidence-based improvement. This book treats secure computing as a connected discipline, rather than a collection of isolated tools, techniques, or checklists.

Written in an accessible textbook style, the book explains the principles and practical reasoning behind secure systems without assuming prior specialist security experience. It is aimed at readers who already have a general computing background and want to understand how secure systems are designed, built, assessed, defended, and investigated.

Across seventeen chapters, the book covers:

• secure computing as a lifecycle
• security by design and threat modelling
• secure coding failure modes
• language, dependency, and review risk
• law, ethics, and rules of engagement
• reconnaissance, scanning, and vulnerability assessment
• web, API, identity, and business-logic failures
• configuration exploitation and privilege escalation
• network threats and network defence
• cloud security architecture
• detection engineering and security operations
• malware vectors, prevention, and analysis workflows
• incident response and incident coordination
• digital forensics and DFIR

The emphasis throughout is on responsible, evidence-based security practice. The book does not provide step-by-step exploitation recipes. Instead, it explains vulnerability mechanisms, control choices, trade-offs, limitations, and the professional responsibilities that sit around security work.

Each chapter includes learning outcomes, conceptual explanations, technical workflows, worked examples, summaries, and review questions. Case studies and current practice sections connect the material to real security practice, while references to recognised frameworks and communities such as NIST, OWASP, MITRE, CISA, NCSC, and SANS help readers place the material in a wider professional context.

Secure Computing Systems is suitable for taught modules in cyber security, secure software engineering, computer science, and digital forensics. It is also useful as a practical reference for developers, system administrators, security analysts, and technical managers who need to understand how security decisions fit together across the full system lifecycle.