Book description
Most organizations have a firewall, antivirus software, and intrusion detection systems, all of which are intended to keep attackers out. So why is computer security a bigger problem today than ever before? The answer is simple--bad software lies at the heart of all computer security problems. Traditional solutions simply treat the symptoms, not the problem, and usually do so in a reactive way. This book teaches you how to take a proactive approach to computer security.
Building Secure Software cuts to the heart of computer security to help you get security right the first time. If you are serious about computer security, you need to read this book, which includes essential lessons for both security professionals who have come to realize that software is the problem, and software developers who intend to make their code behave. Written for anyone involved in software development and use—from managers to coders—this book is your first step toward building more secure software. Building Secure Software provides expert perspectives and techniques to help you ensure the security of essential software. If you consider threats and vulnerabilities early in the devel-opment cycle you can build security into your system. With this book you will learn how to determine an acceptable level of risk, develop security tests, and plug security holes before software is even shipped.
Inside you'll find the ten guiding principles for software security, as well as detailed coverage of:
Software risk management for security
Selecting technologies to make your code more secure
Security implications of open source and proprietary software
How to audit software
The dreaded buffer overflow
Access control and password authentication
Random number generation
Applying cryptography
Trust management and input
Client-side security
Dealing with firewalls
Only by building secure software can you defend yourself against security breaches and gain the confidence that comes with knowing you won't have to play the "penetrate and patch" game anymore. Get it right the first time. Let these expert authors show you how to properly design your system; save time, money, and credibility; and preserve your customers' trust.
Table of contents
- Title Page
- Copyright Page
- Contents
- Advance Praise for Building Secure Software
- Addison-Wesley Professional Computing Series
- Foreword
- Preface
- Acknowledgments
- 1. Introduction to Software Security
- 2. Managing Software Security Risk
- 3. Selecting Technologies
- 4. On Open Source and Closed Source
- 5. Guiding Principles for Software Security
- 6. Auditing Software
- 7. Buffer Overflows
- 8. Access Control
- 9. Race Conditions
- 10. Randomness and Determinism
- 11. Applying Cryptography
- 12. Trust Management and Input Validation
- 13. Password Authentication
- 14. Database Security
- 15. Client-side Security
- 16. Through the Firewall
- Appendix A. Cryptography Basics
- References
- Index
Product information
- Title: Building Secure Software: How to Avoid Security Problems the Right Way
- Author(s):
- Release date: September 2001
- Publisher(s): Addison-Wesley Professional
- ISBN: 9780672334092
You might also like
book
Programming .NET Security
With the spread of web-enabled desktop clients and web-server based applications, developers can no longer afford …
book
Securing DevOps
Securing DevOps explores how the techniques of DevOps and security should be applied together to make …
video
Secure Coding Rules for Java: Serialization
3+ Hours of Video Instruction Secure Coding Rules for Java: Serialization LiveLessons provides developers with practical …
article
From ChatGPT to HackGPT: Meeting the Cybersecurity Threat of Generative AI
Emerging generative AI technologies such as ChatGPT are putting new tools in the hands of hackers. …