(CHM 英文版)
by Julia H. Allen; Sean Barnum; Robert J. Ellison; Gary McGraw; Nancy R. Mead
Publisher: Addison Wesley Professional
Pub Date: May 01, 2008
ISBN-10: 0-321-50917-X
ISBN-13: 978-0-321-50917-8
Pages: 368

This book will help you understand why：


Software security is about more than just eliminating vulnerabilities and conducting penetration testsNetwork security mechanisms and IT infrastructure security services do not sufficiently protect application software from security risksSoftware security initiatives should follow a risk-management approach to identify priorities and to define what is "good enough"—understanding that software security risks will change throughout the SDLCProject managers and software engineers need to learn to think like an attacker in order to address the range of functions that software should not do, and how software can better resist, tolerate, and recover when under attack
详细介绍，目录，试读在此：http://www.informit.com/store/product.aspx?isbn=032150917X]