24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them


"What makes this book so important is that it reflects the experiences of two of the industry's most experienced hands at getting real-world engineers to understand just what they're being asked for when they're asked to write secure code. The book reflects Michael Howard's and David LeBlanc's experience in the trenches working with developers years after code was long since shipped, informing them of problems." --From the Foreword by Dan Kaminsky, Director of Penetration Testing, IOActive

Eradicate the Most Notorious Insecure Designs and Coding Vulnerabilities

Fully updated to cover the latest security issues, 24 Deadly Sins of Software Security reveals the most common design and coding errors and explains how to fix each one, or better yet, avoid them from the start. Michael Howard and David LeBlanc, who teach Microsoft employees and the world how to secure code, have partnered again with John Viega, who uncovered the original 19 deadly programming sins. They have completely revised the book to address the most recent vulnerabilities and have added five brand-new sins. This practical guide covers all platforms, languages, and types of applications. Eliminate these security flaws from your code:

  • SQL injection
  • Web server- and client-related vulnerabilities
  • Use of magic URLs, predictable cookies, and hidden form fields
  • Buffer overruns
  • Format string problems
  • Integer overflows
  • C++ catastrophes
  • Insecure exception handling
  • Command injection
  • Failure to handle errors
  • Information leakage
  • Race conditions
  • Poor usability
  • Not updating easily
  • Executing code with too much privilege
  • Failure to protect stored data
  • Insecure mobile code
  • Use of weak password-based systems
  • Weak random numbers
  • Using cryptography incorrectly
  • Failing to protect network traffic
  • Improper use of PKI
  • Trusting network name resolution