Review of Rogue Code by Mark Russinovich

This is the third book in what is now called the Jeff Aiken Series that Mark has written the previous ones where Zero Day and Trojan Horse. Mark works for Microsoft as a Technical Fellow in the Cloud and Enterprise Division. In the technical and security world he is known to most as the author of the Sysinternal tools many sysadmins and security professionals use on a daily basis in their work. He is also known for his Windows Internals series of books from Microsoft Press.

The book is about the new adventure of Jeff Aiken as he is hired by the New York Stock Exchange to do an internal penetration test with his new business partner and old friend from the CIA named Frank. The story takes him from New York City to Brasil as the story progresses.The story also covers the world of high frequency trading and a bit of the world of startups as they look at the big payoff of going public and the internal struggles we see in many of them. Mark does a great job showing the parallel stories for the criminal organization, the people at the NYSE, his and Daryl's, the High Frequency Trading company and the startup working on launching their IPO. Mark ties all of the stories together in the book keeping the reader engaged.

As always when it comes to Marks books I tend to look at what relates to my world as a security professional and I have to say when it comes to this book I was not let down. The techniques, process and technology used matches perfectly with the real world and in one or two cases it goes a bit in to the future of possible attacks but are not in any way impossible. One of the things that kept coming to my mind was that some of those technical actions mentioned I have experience or have seen others in the security community also experience in one way or another (Except the gun battles and the assassins). I have to say Mark got a great balance in this book between the technical parts, on going story of Jeff and the action making this book one of the most reads for any security professional that wants a good story and relate to their own world.