Free The CERT C Secure Coding Standard

Rating:
Author: Robert C. Seacord
ISBN : B004Y4UTB8
New from $27.49
Format: PDF

Download books file now Free The CERT C Secure Coding Standard [Kindle Edition] for everyone book 4shared, mediafire, hotfile, and mirror link “I’m an enthusiastic supporter of the CERT Secure Coding Initiative. Programmers have lots of sources of advice on correctness, clarity, maintainability, performance, and even safety. Advice on how specific language features affect security has been missing. The CERT® C Secure
Coding Standard fills this need.”
—Randy Meyers, Chairman of ANSI C


“For years we have relied upon the CERT/CC to publish advisories documenting an endless stream of security problems. Now CERT has embodied the advice of leading technical experts to give programmers and managers the practical guidance needed to avoid those problems in new  applications and to help secure legacy systems. Well done!”
—Dr. Thomas Plum, founder of Plum Hall, Inc.

“Connectivity has sharply increased the need for secure, hacker-safe applications. By combining this CERT standard with other safety guidelines, customers gain all-round protection and approach the goal of zero-defect software.”
—Chris Tapp, Field Applications Engineer, LDRA Ltd.

“I’ve found this standard to be an indispensable collection of expert information on exactly how modern software systems fail in practice. It is the perfect place to start for establishing internal secure coding guidelines. You won’t find this information elsewhere, and, when it comes to software security, what you don’t know is often exactly what hurts you.”
—John McDonald, coauthor of The Art of Software Security Assessment


Software security has major implications for the operations and assets of organizations, as well as for the welfare of individuals. To create secure software, developers must know where the dangers lie. Secure programming in C can be more difficult than even many experienced  programmers believe.

This book is an essential desktop reference documenting the first official release of  The CERT® C Secure Coding Standard. The standard itemizes those coding errors that are the root causes of software vulnerabilities in C and prioritizes them by severity, likelihood of exploitation, and remediation costs. Each guideline provides examples of insecure code as well as secure, alternative implementations. If uniformly applied, these guidelines will eliminate the critical coding errors that lead to buffer overflows, format string vulnerabilities, integer  overflow, and other common software vulnerabilities.

Direct download links available for Free The CERT C Secure Coding Standard

• Product Details
• Table of Contents
• Reviews

• File Size: 5462 KB
• Print Length: 720 pages
• Simultaneous Device Usage: Up to 5 simultaneous devices, per publisher limits
• Publisher: Addison-Wesley Professional; 1 edition (October 14, 2008)
• Sold by: Amazon Digital Services, Inc.
  
• Language: English
• ASIN: B004Y4UTB8
• Text-to-Speech: Enabled
• X-Ray:
  Not Enabled
• Lending: Not Enabled
• Amazon Best Sellers Rank: #642,691 Paid in Kindle Store (See Top 100 Paid in Kindle Store)

Free The CERT C Secure Coding Standard

This book does a great job in taking on the herculean task of trying to produce proscriptive rules for secure C development. It's very thorough, covering the core language and usage of standard libraries, clearly showing what can go wrong.

Development teams can easily use this book to set secure programming guidelines. The book makes it easy for organizations to prioritize rules for their environment. I think development organizations should go to security analysis vendors and say, "Here are the rules we want, show me which ones you can enforce."

Because this book is a about the C language and standard library, it does not cover the use of other library APIs, such as those dealing with cryptography or the OpenSSL library. In these and other cases, this coding standard must be supplemented with API specific guidance.

By John Viega

This book focuses on development of reliable software with use of the C language. In spite the fact that many developers think that the C is an ?easy? language, creation of high quality industrial software requires extremely deep knowledges of the C standard. Moreover, understanding the language behavior in case when non-trivial code constructions were used, is not an easy task and developer should use special rules and recommendations aimed to secure coding in the C.

Goal of the book consists in the practical guidelines, which explain complex situations and undefined behaviors. I highly recommend the book to developers which create quality and robust software.

By Pavel

Download Link 1 - Download Link 2