Secure Programming with Static Analysis (PDF, English edition)
By Brian Chess, Jacob West
Jun 29, 2007 (Addison-Wesley Professional)
Pages: 624
ISBN-10: 0-321-42477-8
ISBN-13: 978-0-321-42477-8
Why conventional bug-catching often misses security problems
How static analysis can help programmers get security right
The critical attributes and algorithms that make or break a static analysis tool
36 techniques for making static analysis more effective on your code
More than 70 types of serious security vulnerabilities, with specific solutions
Example vulnerabilities from Firefox, OpenSSH, MySpace, eTrade, Apache httpd, and many more
Techniques for handling untrusted input
Eliminating buffer overflows: tactical and strategic approaches
Avoiding errors specific to Web applications, Web services, and Ajax
Security-aware logging, debugging, and error/exception handling
Creating, maintaining, and sharing secrets and confidential information
Detailed tutorials that walk you through the static analysis process
Detailed description: http://www.informit.com/store/product.aspx?isbn=0321424778