From Barnes & Noble
The Barnes & Noble Review
Virtually every significant piece of software needs security testing, but most developers or testers don't know how to do it. The solution? This smart, comprehensive guide.
Calling this book's authors "insiders" doesn't do them justice. One created the industry's definitive methodology for automated testing. Another leads Symantec's Application Security Center of Excellence. Yet another wrote the legendary L0phtCrack password auditor. The fourth is a full-time penetration tester. They know this stuff.
What stuff? Threat modeling. Network and local attacks. Cross-site scripting. Reverse engineering. Crypto weaknesses. Determining which flaws represent real vulnerabilities, and which don't. And perhaps most important: integrating penetration and security testing into your development lifecycle.
By the way, if someone you know is foolish enough to think their code's already safe, this book's chapter-length tour of software vulnerabilities will disabuse them. Quick.
Bill Camarda, from the January 2007 Read Only