Authors: Tom Gallagher, Lawrence Landauer, Bryan Jeffries
Publication date: June 9, 2006
Publisher: Microsoft Press
Pages: 592
ISBN: ISBN-10: 073562187X, ISBN-13: 978-0735621879
File format: CHM
Finding security flaws is now a fundamental development task, yet there has not been adequate documentation of the process used to find security bugs—until now. Before the Internet, computers were deployed in trusted environments and software development and testing practices emphasized functionality over security. As networking technologies emerged, though, times changed and people began to connect their computers together, instead of deploying in silos. However, development and testing practices did not account for attacks that could be mounted over networks. The material currently available does not provide much practical guidance and the instructions given often fail to cultivate the right mindset and approach to enable people to successfully identify security issues before the software is published. This in-depth, technical reference highlights up-to-date tools, technologies, and techniques for helping find and eliminate vulnerabilities in software. Written for testers by testers, it delivers practical, hands-on guidance on how to find, classify, and assess bugs. In addition, this book covers the thought process behind security testing, use of source code to help in testing, and ways to spot security design flaws.
From the Publisher
Key Book Benefits:
– Delivers practical, hands-on guidance on security bugs, how to find them, and how to help prevent them
– Provides specific, actionable technical details about security testing
– Covers these subjects, among others:
  – The thought process behind security testing
  – Research and experience on how to find security bugs
  – How to classify the bugs you’ve found
  – What to do when you’ve found a bug
  – How to tell if a bug is serious and whether it is a security bug
  – Use of source code to help in security testing
  – Ways to spot security design flaws
Part 9 has been uploaded!