"What makes this book so important is that it reflects the
experiences of two of the industry's most experienced hands at
getting real-world engineers to understand just what they're being
asked for when they're asked to write secure code. The book
reflects Michael Howard's and David LeBlanc's experience in the
trenches working with developers years after code was long since
shipped, informing them of problems." --From the Foreword by Dan
Kaminsky, Director of Penetration Testing, IOActive
Eradicate the Most Notorious Insecure Designs and Coding
Vulnerabilities
Fully updated to cover the latest security issues, 24 Deadly
Sins of Software Security reveals the most common design and coding
errors and explains how to fix each one-or better yet, avoid them
from the start. Michael Howard and David LeBlanc, who teach
Microsoft employees and the world how to secure code, have
partnered again with John Viega, who uncovered the original 19
deadly programming sins. They have completely revised the book to
address the most recent vulnerabilities and have added five
brand-new sins. This practical guide covers all platforms,
languages, and types of applications. Eliminate these security
flaws from your code: SQL injection Web server- and client-related
vulnerabilitiesUse of magic URLs, predictable cookies, and hidden
form fieldsBuffer overrunsFormat string problemsInteger
overflowsC++ catastrophesInsecure exception handlingCommand
injectionFailure to handle errorsInformation leakageRace
conditionsPoor usabilityNot updating easilyExecuting code with too
much privilegeFailure to protect stored dataInsecure mobile codeUse
of weak password-based systemsWeak random numbersUsing cryptography
incorrectlyFailing to protect network trafficImproper use of
PKITrusting network name resolution
General
Is the information for this product incomplete, wrong or inappropriate?
Let us know about it.
Does this product have an incorrect or missing image?
Send us a new image.
Is this product missing categories?
Add more categories.
Review This Product
No reviews yet - be the first to create one!