Rating:
Author: Bryan Sullivan
ISBN : B006DVPWX0
New from $28.00
Format: PDF, EPUB
Direct download links available Free Web Application Security, A Beginner's Guide [Kindle Edition] from mediafire, rapishare, and mirror link Security Smarts for the Self-Guided IT Professional
Secure web application from today's most devious hackers. Web Application Security: A Beginner's Guide helps you stock your security toolkit, prevent common hacks, and defend quickly against malicious attacks.
This practical resource includes chapters on authentication, authorization, and session management, along with browser, database, and file security--all supported by true stories from industry. You'll also get best practices for vulnerability detection and secure development, as well as a chapter that covers essential security fundamentals. This book's templates, checklists, and examples are designed to help you get started right away.
Web Application Security: A Beginner's Guide features:
- Lingo--Common security terms defined so that you're in the know on the job
- IMHO--Frank and relevant opinions based on the authors' years of industry experience
- Budget Note--Tips for getting security technologies and processes into your organization's budget
- In Actual Practice--Exceptions to the rules of security explained in real-world contexts
- Your Plan--Customizable checklists you can use on the job now
- Into Action--Tips on how, why, and when to apply new skills and techniques at work
Bryan Sullivan is a senior security researcher at Adobe Systems, where he focuses on web and cloud security issues. He was previously a security program manager on the Microsoft Security Development Lifecycle team and a development manager at HP, where he helped to design HP's vulnerability scanning tools, Webinspect and Devinspect.
Vincent Liu, CISSP, is a managing partner at Stach & Liu. He previously led the Attack & Penetration and Reverse Engineering teams for Honeywell's Global Security group and was an analyst at the National Security Agency. Vincent is a coauthor of Hacking Exposed: Web Applications, Third Edition and Hacking Exposed Wireless, Second Edition.
Direct download links available for Free Web Application Security, A Beginner's Guide [Kindle Edition]
- File Size: 4913 KB
- Print Length: 352 pages
- Simultaneous Device Usage: Up to 4 simultaneous devices, per publisher limits
- Publisher: McGraw-Hill; 1 edition (November 3, 2011)
- Sold by: Amazon Digital Services, Inc.
- Language: English
- ASIN: B006DVPWX0
- Text-to-Speech: Enabled
X-Ray:
- Lending: Not Enabled
- Amazon Best Sellers Rank: #357,383 Paid in Kindle Store (See Top 100 Paid in Kindle Store)
Free Web Application Security, A Beginner's Guide
It's rather strange for me reviewing Web Application Security - A Beginner's Guide given that I've written a book on the same topic, but as I know one of the authors, Bryan Sullivan and McGraw Hill offered me a copy for review it seems rather churlish not to.
Bryan and Vincent Liu have produced a book which is technology agnostic, covering web security via principles rather than sample code. It is a complete beginner's book, suitable for a developer who has never thought about security before or for a manager to try to figure out just what the heck their developers are talking about and why they want to spend some extra development time locking something down.
As the book is principle based it's easy to read through, each chapter does contain a lot of information about the topic under discussion - for example the authorization chapter covers not just where to authorize but types of permissions, controls, client side attacks, exploits, session management and SSL. The book doesn't stay just on the server application, it reaches out to browser security, database security, file server security and how to build security into your processes and development cycle.
This isn't a book a developer can use to solve their problems, rather it's a book that should send them off to learn more about their specific languages or frameworks. The advice contained inside is practical though and provides checklists for readers to use to ensure they're thinking in the right way. You'll end up knowing what the problems are and how to solve them in theory, but to learn how to solve them in practice for your system is left as an exercise for the reader.