The Manager's Guide to Web Application Security: A Concise Guide to the Weaker Side of the Web

The Manager's Guide to Web Application Security is a concise, information-packed guide to application security risks every organization faces, written in plain language, with guidance on how to deal with those issues quickly and effectively. Often, security vulnerabilities are difficult to understand and quantify because they are the result of intricate programming deficiencies and highly technical issues. Author and noted industry expert Ron Lepofsky breaks down the technical barrier and identifies many real-world examples of security vulnerabilities commonly found by IT security auditors, translates them into business risks with identifiable consequences, and provides practical guidance about mitigating them.

The Manager's Guide to Web Application Security describes how to fix and prevent these vulnerabilities in easy-to-understand discussions of vulnerability classes and their remediation. For easy reference, the information is also presented schematically in Excel spreadsheets available to readers for free download from the publisher’s digital annex. The book is current, concise, and to the point: that point being to help managers cut through the technical jargon and make the business decisions required to find, fix, and prevent serious vulnerabilities.

What you’ll learn

  • Executives: Quickly comprehend what the application security team is saying in terms of risk and remediation
  • Security experts: Understand how to express threats in terms of business risk to executives
  • Details about currently relevant vulnerabilities, by vulnerability class and risk level
  • Decision criteria for what type of security audit is required for your environment
  • Downloadable information tables, examples, and reusable forms
  • Information about standards compliance, including appendices that detail relevant standards, such as COBIT5 IT Security, Experian EI3PA Security Audit Standard, and PCI DSS

Who this book is for

The Manager's Guide to Web Application Security is written for senior executives who have to make business decisions about managing the risk of web applications.

Table of Contents

1. Understanding IT Security Risks

2. Types of Web Application Security Testing

3. Web Application Vulnerabilities and the Damage They Can Cause

4. Web Application Vulnerabilities and Countermeasures

5. How to Build Preventative Countermeasures for Web Application Vulnerabilities

6. How to Manage Security on Applications Written by Third Parties

7. Integrating Compliance with Web Application Security

8. How to Create a Business Case Cost for Web Application Security

9. Parting Thoughts

A. COBIT 5 for Information Security

B. Experian EI3PA Security Audit

C. ISO/IEC 17799:2005 and the ISO/IEC 27000:2014 Series

D. North American Energy Council Security Standard for Critical Infrastructure Protection (NERC CIP)

E. NIST 800 Guidelines

F. Payment Card Industry (PCI) Data Security Standard

G. Sarbanes-Oxley Security Compliance Requirements

H. Sources of Information
