Security for Software Engineers is designed to introduce security concepts to undergraduate software engineering students. The book is divided into four units, each targeting activities that a software engineer will likely be involved in within industry.

The book explores the key areas of attack vectors, code hardening, privacy, and social engineering. Each topic is explored from a theoretical and a practical-application standpoint.

Features:

Targets software engineering students - one of the only security texts to target this audience.

Focuses on the white-hat side of the security equation rather than the black-hat side.

Includes many practical and real-world examples that easily translate into the workplace.

Covers a one-semester undergraduate course.

Describes all aspects of computer security as it pertains to the job of a software engineer and presents problems similar to that which an engineer will encounter in the industry.

This text will equip students to make knowledgeable security decisions, be productive members of a security review team, and write code that protects a user’s information assets.

Table of Contents

Introduction to Security 0: Security for Software Engineers 1: Roles Unit 1: Attack Vectors 2: Classification of Attacks 3: Software Weapons 4: Social Engineering Unit 2: Code Hardening 5: Command Injection 6: Script Injection 7: Memory Injection 8: Threat Modeling 9: Mitigation Unit 3: Privacy 10: Authentication 11: Access Control 12: Encryption Appendices A: Arrays B: Function Pointers C: V-Tables D: Integers E: The Callstack F: The Heap G: Further Reading H: Works Cited I: Glossary J: Index

Security for Software Engineers is designed to introduce security concepts to undergraduate software engineering students. The book is divided into four units, each targeting activities that a software engineer will likely be involved in within industry. The book explores the key areas of attack vectors, code hardening, privacy, and social engineering. Each topic is explored from a theoretical and a practical-application standpoint. Features: Targets software engineering students - one of the only security texts to target this audience. Focuses on the white-hat side of the security equation rather than the black-hat side. Includes many practical and real-world examples that easily translate into the workplace. Covers a one-semester undergraduate course. Describes all aspects of computer security as it pertains to the job of a software engineer and presents problems similar to that which an engineer will encounter in the industry. This text will equip students to make knowledgeable security decisions, be productive members of a security review team, and write code that protects a user's information assets.