19 Deadly Sins of Software Security

19 Deadly Sins of Software Security
by Michael Howard (Author), David LeBlanc (Author), John Viega (Author)

• Paperback: 304 pages
• Publisher: McGraw-Hill Osborne Media; 1 edition (July 26, 2005)
• Language: English
• ISBN-10: 0072260858
• ISBN-13: 978-0072260854

Product Description

This essential book for all software developers–regardless of platform, language, or type of application–outlines the “19 deadly sins” of software security and shows how to fix each one. Best-selling authors Michael Howard and David LeBlanc, who teach Microsoft employees how to secure code, have partnered with John Viega, the man who uncovered the 19 deadly programming sins to write this much-needed book. Coverage includes:

• Windows, UNIX, Linux, and Mac OS X
• C, C++, C#, Java, PHP, Perl, and Visual Basic
• Web, small client, and smart-client applications

From the Back Cover

“Ninety-five percent of software bugs are caused by the same 19 programming flaws.” —Amit Yoran, Former Director of The Department of Homeland Security’s National Cyber Security Division

Secure your software by eliminating code vulnerabilities from the start. This essential book for all software developers–regardless of platform, language, and type of application–outlines the 19 sins of software security and shows how to fix each one. Best-selling authors Michael Howard and David LeBlanc, who teach Microsoft employees how to write secure code, have partnered with John Viega, the man who uncovered the 19 deadly programming sins to write this hands-on guide. Detailed code examples throughout show the code defects as well as the fixes and defenses. If you write code, you need this book. Eliminate these security flaws from your code:

• Buffer overruns
• Format string problems
• Integer overflows
• SQL injection
• Command injection
• Failure to handle errors
• Cross-site scripting
• Failure to protect network traffic
• Use of magic URLs and hidden forms
• Improper use of SSL
• Use of weak password-based systems
• Failure to store and protect data securely
• Information leakage
• Trusting network address resolution
• Improper file access
• Race conditions
• Unauthenticated key exchange
• Failure to use cryptographically strong random numbers
• Poor usability

Michael Howard, CISSP, is an architect of the security process changes at Microsoft and a co-author of Processes to Produce Secure Software published by the Department of Homeland Security’s National Cyber Security Division. He is a Senior Security Program Manager in the Security Engineering Group at Microsoft Corporation and co-author of Writing Secure Code (Microsoft Press). David LeBlanc, Ph.D., is Chief Software Architect for Webroot Software, and was formerly Security Architect in the Office group at Microsoft. He is co-author of Writing Secure Code. John Viega is the CTO of Secure Software. He first

Popularity: 29% [?]

Note: We do not host these ebook files. If you have any complaint of copyright, please comment or contact us. We'll remove the download link immediatly!

• McGraw-Hill Construction Regional Publications
• Pharmaceutical Executive
• Diesel Progress International Edition

We are pleased to offer you this exciting, new, and entirely free professional resource. Visit our Free Industry resource center today to browse our selection of 600+ complimentary Industry magazines, white papers, webinars, podcasts, and more.
Download Links:
Link1 , Link2
Depositfiles
Tools to Download Faster
TweetBucks, Linkbee

Related eBooks - Up | Down