Rating:
(3 reviews)
Author: Gary McGraw
ISBN : 0321418700
New from $64.99
Format: PDF, EPUB
Download electronic versions of selected books Free Software Security Library Boxed Set, First Edition from with Mediafire Link Download Link
What is it about software that makes security such a problem? If you want to build secure software, how do you do it? These questions and the perseverance of three of the world's leading security experts, Gary McGraw, John Viega, and Greg Hoglund, led to the three books contained in this package.
Building Secure Software: How to Avoid Security Problems the Right Way, the white hat book, seems to have touched off a revolution. Security people who once relied solely on firewalls, intrusion detection, and anti-virus mechanisms came to understand and embrace the necessity of better software. This book provides a coherent and sensible philosophical foundation for the blossoming field of software security.
Exploiting Software: How to Break Code, the black hat book, provides a much needed balance, teaching how to break software and how malicious hackers write exploits. This book is meant as a reality check for software security, ensuring that the good guys address real attacks and invent and peddle solutions that actually work. Exploiting Software and Building Secure Software are in some senses mirror images.
Software Security: Building Security In unifies the two sides of software security--attack and defense, exploiting and designing, breaking and building--into a coherent whole. Like the yin and the yang, software security requires a careful balance.
Books with free ebook downloads available Free Software Security Library Boxed Set, First Edition [Paperback]
- Paperback: 1392 pages
- Publisher: Addison-Wesley Professional (February 20, 2006)
- Language: English
- ISBN-10: 0321418700
- ISBN-13: 978-0321418708
- Product Dimensions: 3.5 x 6.9 x 9.3 inches
- Shipping Weight: 6.3 pounds (View shipping rates and policies)
Free Software Security Library Boxed Set, First Edition
There is some redundancy in the content of these three books, but I prefer to think of it as reinforcement. Each of the book focuses on a different aspect of the software security issue. From the full software development lifecycle to code creation to test, this set covers it all. I particularly enjoyed the "Exploiting Software" book as it provided an interesting insight into the other side of the development process - that of breaking the systems that have been developed. The box set is a great deal on Amazon since the price is about 30% less than buying the books individually so you basically buy 2 and get 1 free. And since all three are useful this is actually a good deal. I'm currently using the information from "Software Security: Building Security In" to drive a process improvement initiative within my company to improve secure development practices. The only reason this collection of books didn't get five stars is that there are times when the information is a bit vague with no indication of how to implement the "what" that is so well covered.
If you're just getting into software security, I highly recommend buying the box set. You'll learn more about software security just by reading the forewords of these three books than most people have ever learned. And it just gets better from there.
The "Software Security: Build Security In" book has a strong emphasis on the overall software development process, but manages to provide an approach to introducing software security that is process agnostic. This book is moderately useful to an individual programmer, but a wealth of information for someone initiating (or trying to initiate) changes into existing processes or working to develop a software development process.