当前位置: 首页 > 资源下载 > 网络通信安全 > 查看资源

资源分类
Web开发
Java
.NET
编程语言
数据库
软件工程
图形动画
系统管理
网络通信安全
计算机理论
考试认证
人文百科
文档手册
硬件技术
办公软件

19 Deadly Sins of Software Security: Programming Flaws and How to Fix Them

19 Deadly Sins of Software Security: Programming Flaws and How to Fix Them

书名:19 Deadly Sins of Software Security: Programming Flaws and How to Fix Them

上传:石头

时间:2009-12-20

文件大小:1.36 MB

资源出处:查看资源出处 >>

收藏到网摘: n/a



作者:Michael Howard, David LeBlanc, John Viega
出版日期:July 26, 2005
出版社:McGraw-Hill
页数:304
ISBN:ISBN-10: 0072260858 ISBN-13: 978-0072260854
文件格式:CHM

This essential book for all software developers–regardless ofplatform, language, or type of application–outlines the “19 deadlysins” of software security and shows how to fix each one. Best-sellingauthors Michael Howard and David LeBlanc, who teach Microsoft employeeshow to secure code, have partnered with John Viega, the man whouncovered the 19 deadly programming sins to write this much-neededbook. Coverage includes:
Windows, UNIX, Linux, and Mac OS XC, C++, C#, Java, PHP, Perl, and Visual BasicWeb, small client, and smart-client applicationsFrom the Back Cover
“Ninety-five percent of software bugs are caused by the same 19programming flaws.” —Amit Yoran, Former Director of The Department ofHomeland Security’s National Cyber Security Division
Secure your software by eliminating code vulnerabilities from thestart. This essential book for all software developers–regardless ofplatform, language, and type of application–outlines the 19 sins ofsoftware security and shows how to fix each one. Best-selling authorsMichael Howard and David LeBlanc, who teach Microsoft employees how towrite secure code, have partnered with John Viega, the man whouncovered the 19 deadly programming sins to write this hands-on guide.Detailed code examples throughout show the code defects as well as thefixes and defenses. If you write code, you need this book. Eliminatethese security flaws from your code:
Buffer overrunsFormat string problemsInteger overflowsSQL injectionCommand injectionFailure to handle errorsCross-site scriptingFailure to protect network trafficUse of magic URLs and hidden formsImproper use of SSLUse of weak password-based systemsFailure to store and protect data securelyInformation leakageTrusting network address resolutionImproper file accessRace conditionsUnauthenticated key exchangeFailure to use cryptographically strong random numbersPoor usabilityMichael Howard, CISSP, is an architect of the security processchanges at Microsoft and a co-author of Processes to Produce SecureSoftware published by the Department of Homeland Security’s NationalCyber Security Division. He is a Senior Security Program Manager in theSecurity Engineering Group at Microsoft Corporation and co-author ofWriting Secure Code (Microsoft Press). David LeBlanc, Ph.D., is ChiefSoftware Architect for Webroot Software, and was formerly SecurityArchitect in the Office group at Microsoft. He is co-author of WritingSecure Code. John Viega is the CTO of Secure Software. He first definedthe 19 deadly sins of software security for the Department of HomelandSecurity. He is co-author of many security books including BuildingSecure Software (Addison-Wesley).
Tags:DeadlyProgrammingSecuritySinsSoftware


相关书籍

  • GTK Programming Zone(free)
  • Beautiful Architecture: Leading Thinkers Reveal the Hidden Beauty in Software De
  • The Myths of Security: What the Computer Security Industry Doesn’t Want You to K
  • Firewalls and Internet Security
  • Cisco Access Control Security: AAA Administrative Services

评论 (0) All

登陆 | 还没注册?