Writing Secure Code
Author Michael Howard and David LeBlanc
Pages 512
Disk 1 Companion CD(s)
Level Intermediate
Published 11/13/2001
ISBN 9780735615885
ISBN-10 0-7356-1588-8
Price(USD) $39.99


About the Book

Practical strategies and proven techniques for building secure applications in a networked world

"WRITING SECURE CODE reveals the battle-tested secrets of two veritable code warriors–directly from the trenches of large-scale commercial software development. It's all here–from design pointers to specific code snippets, DCOM to .NET, the Win32® API to Web programming security, and more. Don't even consider going live with a Win32 application on the Internet without reading this book." JOEL SCAMBRAY, coauthor of HACKING EXPOSED and HACKING EXPOSED WINDOWS 2000

"Secure software has long been considered an oxymoron, since most developers try to sprinkle security on top of their software products rather than baking it in. This clue-full cookbook is filled with from-the-trenches recipes featuring proven security concepts as key ingredients to make software products safer, more secure, and more reliable." JOHN PESCATORE, Vice President, Gartner, Inc.

Hackers cost businesses countless dollars and cause developers endless worry every year as they attack networked applications, steal credit-card numbers, deface Web sites, hide back doors and worms, and slow network traffic to a crawl. Keep the bad guys at bay with the tips and techniques in this entertaining, eye-opening book. You'll learn how to padlock your applications throughout the entire development process–from designing secured applications, to writing robust code that can withstand repeated attacks, to testing applications for security flaws.

Short, easily digested chapters reveal proven security principles, strategies, and coding techniques to give you the peace of mind that comes from knowing you've done everything you can to make your code not only fast, but hacker-proof. The authors–two battle-scarred veterans who have solved some of the toughest security problems in the industry–also give you sample code in numerous languages to demonstrate the specifics of developing security. If you build networked applications and you care about the security of your product, you need this book.

• CONTEMPORARY SECURITY: Security issues that you should address in every development project
• CODING TECHNIQUES FOR SECURITY: Public enemy #1–the buffer overrun, determining good access control, running with least privilege, cryptographic foibles, storing secrets, and canonical representation issues
• NETWORK-BASED APPLICATION CONSIDERATIONS: Socket security; DCOM security, Microsoft® ActiveX® and RPC applications; protecting against denial of service attacks; and helping to protect the security of Web-based services
• SPECIAL CONSIDERATIONS: Writing managed code for the Microsoft .NET Framework without compromising security, security testing, installing software without compromising security, and general good practices
• APPENDIXES: Dangerous APIs, the Ten Immutable Laws of Security, the Ten Immutable Laws of Security Administration, and lame excuses!

An eBook, sample code, and tools

Related Books

Enterprise Scrum
Getting Results from Software Development Teams
Software Estimation: Demystifying the Black Art

Customer Rating
Number of Ratings: 50

Average Rating: 4.4 stars


Last Updated: Friday, December 01, 2006