Secure Programming with Static Analysis (PDF 英文版)


(PDF 英文版)
By Brian Chess, Jacob West
Jun 29, 2007 (Addison-Wesley Professional)
Pages: 624
ISBN-10: 0-321-42477-8
ISBN-13: 978-0-321-42477-8



Why conventional bug-catching often misses security problems

How static analysis can help programmers get security right

The critical attributes and algorithms that make or break a static analysis tool

36 techniques for making static analysis more effective on your code

More than 70 types of serious security vulnerabilities, with specific solutions

Example vulnerabilities from Firefox, OpenSSH, MySpace, eTrade, Apache httpd, and many more

Techniques for handling untrusted input

Eliminating buffer overflows: tactical and strategic approaches

Avoiding errors specific to Web applications, Web services, and Ajax

Security-aware logging, debugging, and error/exception handling

Creating, maintaining, and sharing secrets and confidential information

Detailed tutorials that walk you through the static analysis process


详细介绍在此：http://www.informit.com/store/product.aspx?isbn=0321424778