Hunting Security Bugs

Hunting Security Bugs, 9780735621879 (073562187X), Microsoft Press, 2006

Your essential reference to software security testing—from the experts.

Learn how to think like an attacker—and identify potential security issues in your software. In this essential guide, security testing experts offer practical, hands-on guidance and code samples to help you find, classify, and assess security bugs before your software is released.

Discover how to:

  • Identify high-risk entry points and create test cases
  • Test clients and servers for malicious request/response bugs
  • Use black box and white box approaches to help reveal security vulnerabilities
  • Uncover spoofing issues, including identity and user interface spoofing
  • Detect bugs that can take advantage of your program’s logic, such as SQL injection
  • Test for XML, SOAP, and Web services vulnerabilities
  • Recognize information disclosure and weak permissions issues
  • Identify where attackers can directly manipulate memory
  • Test with alternate data representations to uncover canonicalization issues
  • Expose COM and ActiveX repurposing attacks

About the Authors

Tom Gallagher has been intrigued with both physical and computer security from a young age. In 1999, Tom graduated from Loyola University of New Orleans and was hired to work as a penetration tester for Microsoft SharePoint. Since then, he has continued to work on the security of different parts of Microsoft Office and is currently the lead of the Office Security Test team. This team is primarily focused on penetration testing, writing security testing tools, and educating program managers, developers, and testers about security issues.

Bryan Jeffries has been interested in computers for as long as he can remember. Upon graduating from North Carolina State University in 2001 with a BS degree in Computer Science, he left his home state of North Carolina to work for Microsoft Corporation in Redmond, Washington. He has been working as a software engineer in Microsoft SharePoint Products and Technologies for the past five years and is responsible for driving security testing across Microsoft Office Server System.

Lawrence Landauer's first interest in computers was as a hobby. Since graduating from Montana State University in 1995 with a BS degree in Industrial and Management Engineering, he has worked for Microsoft Corporation as a software engineer on coding, testing, and training projects related to security, personal productivity, and deployment.
