Programming Flaws and How to Fix Them
This essential book for all software developers--regardless of platform, language, or type of application--outlines the “19 deadly sins” of software security and shows how to fix each one. Best-selling authors Michael Howard and David LeBlanc, who teach Microsoft employees how to secure code, have partnered with John Viega, the man who uncovered the 19 deadly programming sins to write this much-needed book.
Coverage includes:
- Windows, UNIX, Linux, and Mac OS X
- C, C++, C#, Java, PHP, Perl, and Visual Basic
- Web, small client, and smart-client applications
User Review
I highly recommend this book to software developers and application support.
What you read in these pages go into more detail about each of those issues, but in a very concise, practical, no-nonsense fashion.
The book gives a great overview of software security issues yet at the same time provides granular examples and solutions that can be readily implemented.
About the Authors
Michael Howard is a senior security program manager in the security engineering group at Microsoft Corporation, and a co-author of the award-winning Writing Secure Code. He is a co-author of Basic Training in IEEE Security and Privacy Magazine and a co-author of the National Cyber Security Task Force “Processes to produce Secure Software” document for the Department of Homeland Security. As an author of the Security Development Life cycle, Michael spends most of his time is spent defining and enforcing security best practice and software development process improvements to deliver more secure software to normal humans.
David LeBlanc, Ph.D., is currently Chief Software Architect for Webroot Software. Prior to joining Webroot, he served as security architect for Microsoft's Office division, was a founding member of the Trustworthy Computing Initiative, and worked as a white-hat hacker in Microsoft's network security group. David is also co-author of Writing Secure Code and Assessing Network Security, as well as numerous articles. On good days, he'll be found riding the trails on his horse with his wife, Jennifer.
John Viega discovered the 19 deadly programming flaws that received such press and media attention, and this book is based on his discovery. He is the Founder and Chief Scientist of Secure Software (www.securesoftware.com), is a well-known security expert, and co-author of Building Secure Software (Addison-Wesley), Network Security with Open SSL (O'Reilly) an Adjunct Professor of Computer Science at Virginia Tech (Blacksburg, VA) and Senior Policy Researcher at the Cyberspace Policy Institute, and he serves on the Technical Advisory Board for the Open Web Applications Security Project. He also founded a Washington, D.C. area security interest group that conducts monthly lectures presented by leading experts in the field. John is responsible for numerous software security tools, and is the original author of Mailman, the GNU mailing list manager. He holds a B.A. and M.S. in Computer Science from the University of Virginia. He is the author or co-author of nearly 80 technical publications, including numerous referred research papers and trade articles. He is co-author of Building Secure Software, Network Security and Cryptography with Open SSL and The Secure Programming Cookbook for C and C++.
0 comments:
Post a Comment