- Building Secure Software: How to Avoid Security Problems the Right Way
John Viega Gary R.
Description: Building Secure Software cuts to the heart of computer security to help students get security right the first time.
Series: This product is part of the following series: Addison-Wesley Professional Computing Series.
Table of Contents: Foreword. About the Authors. A Dose of Reality.
- Viega & McGraw, Building Secure Software: How to Avoid Security Problems the Right Way | Pearson.
Getting People to Think about Security. Software Risk Management in Practice. When Development Goes Astray. When Security Analysis Goes Astray. Choosing a Distributed Object Platform. Choosing an Operating System.
Defense in Depth and Authentication. On Open Source and Closed Source. Security for Shrink-Wrapped Software. Security by Obscurity Is No Panacea.
Why Vulnerability Detection Is Hard. On Publishing Cryptographic Algorithms. Two More Open-Source Fallacies. Another Security Lesson from Buffer Overflows. Guiding Principles for Software Security. Secure the Weakest Link. Practice Defense in Depth. Follow the Principle of Least Privilege. Be Reluctant to Trust.
Use Your Community Resources. Source-level Security Auditing Tools. The Effectiveness of Security Scanning of Software. What Is a Buffer Overflow? Defending against Buffer Overflow. Tools That Can Help. Smashing Heaps and Stacks.
To Infinity and Beyond! Access Control in Windows NT. What Is a Race Condition? How to Cheat in On-line Gambling. Entropy Gathering and Estimation. Practical Sources of Randomness. Random Numbers for Windows. Random Numbers for Linux. Random Numbers in Java. Developers Are Not Cryptographers.
More Uses for Cryptographic Hashes. Trust Management and Input Validation. A Few Words on Trust. Examples of Misplaced Trust. Protection from Hostile Callers. Invoking Other Programs Safely. Problems from the Web.
Automatically Detecting Input Problems. Adding Users to a Password Database. Using Views for Access Control. Security against Statistical Attacks. Thwarting the Casual Pirate. Other Copy Protection Schemes. The Ultimate Goals of Cryptography. Types of Symmetric Algorithms. Security of Symmetric Algorithms. Other Attacks on Cryptographic Hashes.
What's a Good Hash Algorithm to Use?
Preface: "A book is a machine to think with.
Organization: This book is divided into two parts.
Code Examples: Although we cover material that is largely language independent, most of our examples are written in C, mainly because it is so widely used, but also because it is harder to get things right in C than in other languages. All of the code in this book is available at http:
Contacting Us: We welcome electronic mail from anyone with comments, bug fixes, or other suggestions. Please contact us through http:
Building Secure Software: How to Avoid Security Problems the Right Way - Help Net Security
If you consider threats and vulnerabilities early in the development cycle, you can build security into your system. With this book you will learn how to determine an acceptable level of risk, develop security tests, and plug security holes before software is even shipped. Inside you'll find the ten guiding principles for software security, as well as detailed coverage of: Only by building secure software can you defend yourself against security breaches and gain the confidence that comes with knowing you won't have to play the "penetrate and patch" game anymore.
Get it right the first time. Let these expert authors show you how to properly design your system; save time, money, and credibility; and preserve your customers' trust. He is also the original author of Mailman, the GNU mailing list manager.