Secure Programming with Static Analysis (Addison-Wesley Software Security Series)

The First Expert Guide to Static Analysis for Software Security!

 

Creating secure code requires more than just good intentions. Programmers need to know that their code will be safe in an almost infinite number of scenarios and configurations. Static source code analysis gives users the ability to review their work with a fine-toothed comb and uncover the kinds of errors that lead directly to security vulnerabilities. Now, there’s a complete guide to static analysis: how it works, how to integrate it into the software development processes, and how to make the most of it during security code review. Static analysis experts Brian Chess and Jacob West look at the most common types of security defects that occur today. They illustrate main points using Java and C code examples taken from real-world security incidents, showing how coding errors are exploited, how they could have been prevented, and how static analysis can rapidly uncover similar mistakes. This book is for everyone concerned with building more secure software: developers, security engineers, analysts, and testers.

 

About the Author


Brian Chess is a founder of Fortify Software. He currently serves as Fortify’s Chief Scientist, where his work focuses on practical methods for creating secure systems. Brian holds a Ph.D. in Computer Engineering from the University of California at Santa Cruz, where he studied the application of static analysis to the problem of finding security-relevant defects in source code. Before settling on security, Brian spent a decade in Silicon Valley working at huge companies and small startups. He has done research on a broad set of topics, ranging from integrated circuit design all the way to delivering software as a service. He lives in Mountain View, California.

 

Jacob West manages Fortify Software’s Security Research Group, which is responsible for building security knowledge into Fortify’s products. Jacob brings expertise in numerous programming languages, frameworks, and styles together with knowledge about how real-world systems can fail. Before joining Fortify, Jacob worked with Professor David Wagner at the University of California at Berkeley to develop MOPS (MOdel Checking Programs for Security properties), a static analysis tool used to discover security vulnerabilities in C programs. When he is away from the keyboard, Jacob spends time speaking at conferences and working with customers to advance their understanding of software security. He lives in San Francisco, California.

