Michael Howard, David LeBlanc, John Viega
24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them
56,99 €
incl. VAT
Free shipping*
Ready to ship in more than 4 weeks
- Paperback
A fully revised and updated security bestseller--complete with five new sins
Other customers were also interested in
- Cameron H. Malin: Deception in the Digital Age, 58,99 €
- Chris Patten: Black Hat Go, 27,99 €
- Ari Takanen: Fuzzing for Software Security, 93,99 €
- Jason Andress: Foundations of Information Security, 24,99 €
- Joseph Steinberg: Cybersecurity For Dummies, 26,99 €
- Andrew Jenkinson: Ransomware and Cybercrime, 95,99 €
- Brian Allen: Building a Cyber Risk Management Program, 50,99 €
Product details
- Publisher: McGraw-Hill Osborne / McGraw-Hill Professional
- Number of pages: 432
- Publication date: 24 September 2009
- English
- Dimensions: 233mm x 187mm x 29mm
- Weight: 858g
- ISBN-13: 9780071626750
- ISBN-10: 0071626751
- Item no.: 26564162
MICHAEL HOWARD, PRINCIPAL CYBERSECURITY ARCHITECT, MICROSOFT PUBLIC SECTOR SERVICES

Michael Howard is a principal cybersecurity architect in the Public Sector Services group. Prior to that, he was a principal security program manager on the Trustworthy Computing (TwC) Group's Security Engineering team at Microsoft, where he was responsible for managing secure design, programming, and testing techniques across the company.

Howard is an architect of the Security Development Lifecycle (SDL), a process for improving the security of Microsoft's software. Howard began his career with Microsoft in 1992 at the company's New Zealand office, working for the first two years with Windows and compilers on the Product Support Services team, and then with Microsoft Consulting Services, where he provided security infrastructure support to customers and assisted in the design of custom solutions and development of software. In 1997, Howard moved to the United States to work for the Windows division on Internet Information Services, Microsoft's next-generation web server, before moving to his current role in 2000.

Howard is an editor of IEEE Security & Privacy and a frequent speaker at security-related conferences, and he regularly publishes articles on secure coding and design. Howard is the co-author of six security books, including the award-winning Writing Secure Code, 19 Deadly Sins of Software Security, The Security Development Lifecycle, Writing Secure Code for Windows Vista and his most recent release, 24 Deadly Sins of Software Security.
Part I: Web Application Sins; Chapter 1: SQL Injection; Chapter 2: Server Side Cross-Site Scripting; Chapter 3: Web-Client Related Vulnerabilities; Part II: Implementation Sins; Chapter 4: Use of Magic URLs; Chapter 5: Buffer Overruns; Chapter 6: Format String Problems; Chapter 7: Integer Overflows; Chapter 8: C++ Catastrophes; Chapter 9: Catching All Exceptions; Chapter 10: Command Injection; Chapter 11: Failure to Handle Errors; Chapter 12: Information Leakage; Chapter 13: Race Conditions; Chapter 14: Poor Usability; Chapter 15: Not Updating Easily; Part III: Cryptographic Sins; Chapter 16: Not Using Least Privileges; Chapter 17: Weak Password Systems; Chapter 18: Unauthenticated Key Exchange; Chapter 19: Random Numbers; Part IV: Networking Sins; Chapter 20: Wrong Algorithm; Chapter 21: Failure to Protect Network Traffic; Chapter 22: Trusting Name Resolution; Part V: Stored Data Sins; Chapter 23: Improper Use of SSL/TLS; Chapter 24: Failure to Protect Stored Data