Nicht aus der Schweiz? Besuchen Sie lehmanns.de
19 Deadly Sins of Software Security - Michael Howard, David Leblanc, John Viega

19 Deadly Sins of Software Security

Buch | Softcover
304 Seiten
2005
McGraw-Hill Professional (Verlag)
978-0-07-226085-4 (ISBN)
CHF 39,95 inkl. MwSt
zur Neuauflage
  • Titel erscheint in neuer Auflage
  • Artikel merken
Zu diesem Artikel existiert eine Nachauflage
Suitable for software developers regardless of platform, language, or type of application, this work outlines the "19 deadly sins" of software security and shows how to fix each one. It covers topics such as: Windows, UNIX, Linux, and Mac OS X C, C++, C#, Java, PHP, Perl, and Visual Basic Web, small client, and smart-client applications.
This essential book for all software developers--regardless of platform, language, or type of application--outlines the “19 deadly sins” of software security and shows how to fix each one. Best-selling authors Michael Howard and David LeBlanc, who teach Microsoft employees how to secure code, have partnered with John Viega, the man who uncovered the 19 deadly programming sins to write this much-needed book. Coverage includes:



Windows, UNIX, Linux, and Mac OS X C, C++, C#, Java, PHP, Perl, and Visual Basic Web, small client, and smart-client applications

MICHAEL HOWARD PRINCIPAL CYBERSECURITY ARCHITECT MICROSOFT PUBLIC SECTOR SERVICESMichael Howard is a principal cybersecurity architect in the Public Sector Services group. Prior to that, he was a principal security program manager on the Trustworthy Computing (TwC) Groups Security Engineering team at Microsoft, where he was responsible for managing secure design, programming, and testing techniques across the company.Howard is an architect of the Security Development Lifecycle (SDL), a process for improving the security of Microsofts software. Howard began his career with Microsoft in 1992 at the companys New Zealand office, working for the first two years with Windows and compilers on the Product Support Services team, and then with Microsoft Consulting Services, where he provided security infrastructure support to customers and assisted in the design of custom solutions and development of software. In 1997, Howard moved to the United States to work for the Windows division on Internet Information Services, Microsofts next-generation web server, before moving to his current role in 2000. Howard is an editor of IEEE Security & Privacy, a frequent speaker at security-related conferences and he regularly publishes articles on secure coding and design, Howard is the co-author of six security books, including the award-winning Writing Secure Code, 19 Deadly Sins of Software Security, The Security Development Lifecycle, Writing Secure Code for Windows Vista and his most recent release 24 Deadly Sins of Software Security. David LeBlanc, Ph.D., is currently Chief Software Architect for Webroot Software. Prior to joining Webroot, he served as security architect for Microsoft's Office division, was a founding member of the Trustworthy Computing Initiative, and worked as a white-hat hacker in Microsoft's network security group. David is also co-author of Writing Secure Code and Assessing Network Security, as well as numerous articles. On good days, he'll be found riding the trails on his horse with his wife, Jennifer. John Viega discovered the 19 deadly programming flaws that received such press and media attention, and this book is based on his discovery. He is the Founder and Chief Scientist of Secure Software (www.securesoftware.com), is a well-known security expert, and coauthor of Building Secure Software (Addison-Wesley), Network Security with OpenSSL (O'Reilly) an Adjunct Professor of Computer Science at Virginia Tech (Blacksburg, VA) and Senior Policy Researcher at the Cyberspace Policy Institute, and he serves on the Technical Advisory Board for the Open Web Applications Security Project. He also founded a Washington, D.C. area security interest group that conducts monthly lectures presented by leading experts in the field. John is responsible for numerous software security tools, and is the original author of Mailman, the GNU mailing list manager. He holds a B.A. and M.S. in Computer Science from the University of Virginia. He is the author or coauthor of nearly 80 technical publications, including numerous refereed research papers and trade articles. He is coauthor of Building Secure Software, Network Security and Cryptography with OpenSSL and The Secure Programming Cookbook for C and C++.

Chapter 1: Buffer OverflowsChapter 2: Format String ProblemsChapter 3: SQL InjectionChapter 4: Command InjectionChapter 5: Failure to Handle ErrorsChapter 6: Cross-Site ScriptingChapter 7: Failing to Protect Network TrafficChapter 8: Use of “Magic” URLs and Hidden FormsChapter 9: Improper Use of SSLChapter 10: Use of Weak Password-Based SystemsChapter 11: Failing to Store Data SecurelyChapter 12: Hard Coding SecretsChapter 13: Improper File AccessChapter 14: Integer Range ErrorsChapter 15: Trusting Network Address InformationChapter 16: Signal Race ConditionsChapter 17: Unauthenticated Key ExchangeChapter 18: Failing to Use Cryptographically Strong Random NumbersChapter 19: Poor Usability

Erscheint lt. Verlag 16.9.2005
Zusatzinfo 50 Illustrations, unspecified
Sprache englisch
Maße 188 x 236 mm
Gewicht 520 g
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Informatik Theorie / Studium Kryptologie
ISBN-10 0-07-226085-8 / 0072260858
ISBN-13 978-0-07-226085-4 / 9780072260854
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
CHF 48,95
Management der Informationssicherheit und Vorbereitung auf die …

von Michael Brenner; Nils gentschen Felde; Wolfgang Hommel

Buch (2024)
Carl Hanser (Verlag)
CHF 97,95

von Chaos Computer Club

Buch | Softcover (2024)
KATAPULT Verlag
CHF 39,20