Practically every day, we read about a new type of attack on computer systems and networks. Viruses, worms, denials of service, and password sniffers are attacking all types of systems -- from banks to major e-commerce sites to seemingly impregnable government and military computers --at an alarming rate.Despite their myriad manifestations and different targets, nearly all attacks have one fundamental cause: the code used to run far too many systems today is not secure. Flaws in its design, implementation, testing, and operations allow attackers all-too-easy access.Secure Coding, by Mark G. Graff and Ken vanWyk, looks at the problem of bad code in a new way. Packed with advice based on the authors' decades of experience in the computer security field, this concise and highly readable book explains why so much code today is filled with vulnerabilities, and tells readers what they must do to avoid writing code that can be exploited by attackers. Writing secure code isn't easy, and there are no quick fixes to bad code. To build code that repels attack, readers need to be vigilant through each stage of the entire code lifecycle:
Le informazioni nella sezione "Riassunto" possono far riferimento a edizioni diverse di questo titolo.
Dedication; Preface; Objectives of This Book; Structure of This Book; What This Book Does Not Cover; Conventions Used in This Book; About the Examples; Comments and Questions; Acknowledgments; Chapter 1: No Straight Thing; 1.1 The Vulnerability Cycle; 1.2 What Is an Attack?; 1.3 Why Good People Write Bad Code; 1.4 A Call to Arms; 1.5 Summary; Chapter 2: Architecture; 2.1 What Is Security Architecture?; 2.2 Principles of Security Architecture; 2.3 Case Study: The Java Sandbox; 2.4 Summary; Chapter 3: Design; 3.1 Why Does Good Design Matter?; 3.2 Secure Design Steps; 3.3 Special Design Issues; 3.4 Bad Practices; 3.5 Case Studies; 3.6 Summary; Chapter 4: Implementation; 4.1 Good Practices; 4.2 Bad Practices; 4.3 Case Studies; 4.4 Summary; Chapter 5: Operations; 5.1 Security Is Everybody's Problem; 5.2 Good Practices; 5.3 Bad Practices; 5.4 Case Studies; 5.5 Summary; Chapter 6: Automation and Testing; 6.1 Why Test?; 6.2 Good General Practices; 6.3 Good Practices Through the Lifecycle; 6.4 Risk Assessment Methodologies; 6.5 Case Studies; 6.6 Summary; Appendix A: Resources; A.1 Books; A.2 Papers and Articles; A.3 Web Sites and Online Resources; A.4 A Final Note on Resources; Colophon;
Le informazioni nella sezione "Su questo libro" possono far riferimento a edizioni diverse di questo titolo.
Descrizione libro O'Reilly Media, 2003. Paperback. Condizione libro: New. Codice libro della libreria P110596002424
Descrizione libro O'Reilly Media, 2003. Paperback. Condizione libro: New. 1. Codice libro della libreria DADAX0596002424