Programmer's Ultimate Security Deskref

Your Programming Security Encyclopedia

James C. Foster, Steven C. Foster - Collection 4 Free Booklets Your Solutions Membership

587 pages, parution le 03/12/2004

Ajouter à une liste

Indisponible

Résumé

Your Programming Security Encyclopedia

With the help of the Programmer's Ultimate Security DeskRef, you can be sure that the code you write is secure. It covers the most popular programming languages, including ASP, C, C++, C#, ColdFusion, Javascript, Jscript, Lisp, Perl, PHP, Python, VBA, and Vscript. Each function or method documented in this book is followed by a series of elements created to help you program responsibly by calling awareness to each function's purpose, risk, origin, resources, and more. Each function is organized in the following way:

Prototype This is where you will find the function's prototype or the method's proper implementation usage.
Summary Describes the function or method and its intended use.
Description Contains a detailed explanation of how the function should be used and when it should not be used. It also has explanations for any parameters the function or method may accept as input, in addition to providing detail on returned values.
Risk Informs the readers of the particular security threat posed when implementing the function or method. It recommends more secure alternatives, secure usage, bolt-on alternatives, and other types of clear developer-focused solutions.
Note Any additional comments that pertain to the function.
Additional Resources These resources are included for additional information on the programmatic particulars of the language, function, or method. All resources consist of web links to educational websites, Microsoft, or other commercial powerhouses.
Impact The impact will be High, Medium or Low, signifying a potential high-level result that a poorly implemented function or method may have on the application.
Cross Reference Cross references are similar functions and methods that are available for use in the language. For example, the C language printf may have cross references of sprintf and snprintf.

Your Solutions Membership Gives You Access to:

Comprehensive FAQ page that consolidates all of the key points of this hook into an easy to search web page
"From the Author" Forum where the authors post timely updates and links to related sites
The complete code listings from the book
These Downloadable e-booklets:

Stealing the Network: How to Own a Continent: Product of fate: The Evolution of a Hacker

Hacking the Code: ASPMT Web Application Security: Managing Sessions

IJ Ethics Handbook: Right and Wrong for IT Professionals: Ethics for Programmers and Analysts

Richard Thieme's Islands in the Clikstream: Reflections on Life in a Virtual World: Hacking and the Passion for Knowledge

L'auteur - James C. Foster

James C. Foster, Fellow is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation where he is responsible for the vision and development of physical, personnel, and data security solutions. Prior to CSC, Foster was the Director of Research and Development for Foundstone Inc. (acquired by McAfee) and was responsible for all aspects of product, consulting, and corporate R&D initiatives. Prior to joining Foundstone, Foster was an Executive Advisor and Research Scientist with Guardent Inc. (acquired by Verisign) and an adjunct author at Information Security Magazine (acquired byTechTarget), subsequent to working as Security Research Specialist for the Department of Defense. With his core competencies residing in high-tech remote management, international expansion, application security, protocol analysis, and search algorithm technology, Foster has conducted numerous code reviews for commercial OS components, Win32 application assessments, and reviews on commercial-grade cryptography implementations.

Foster is a seasoned speaker and has presented throughout North America at conferences, technology forums, security summits, and research symposiums with highlights at the Microsoft Security Summit, Black Hat USA, Black Hat Windows, MIT Wireless Research Forum, SANS, MilCon, TechGov, InfoSec World 2001, and the Thomson Security Conference. He also is commonly asked to comment on pertinent security issues and has been sited in USAToday, Information Security Magazine, Baseline, Computer World, Secure Computing, and the MIT Technologist. Foster holds an A.S., B.S., MBA and numerous technology and management certifications and has attended or conducted research at the Yale School of Business, Harvard University, the University of Maryland, and is currently a Fellow at University of Pennsylvania's Wharton School of Business.

Foster is also a well published author with multiple commercial and educational papers; and has authored, contributed, or edited for major publications to include Snort 2.1 Intrusion Detection (Syngress Publishing, ISBN: 1-931836-04-3), Hacking Exposed, Fourth Edition, Anti-Hacker Toolkit, Second Edition, Advanced Intrusion Detection, Hacking the Code: ASP NET Web Application Security (Syngress, ISBN: 1-932266-65-8), Anti-Spam Toolkit, and the forthcoming Google Hacking for Penetration Techniques (Syngress, ISBN: 1-931836-36-1) .

L'auteur - Steven C. Foster

Steven C. Foster is a graduate student pursuing his Ph.D. in mathematics at the University of North Carolina, Chapel Hill. There, he is studying applied mathematics, most notably computational and geophysical fluid dynamics. He is currently being supported under a grant from the Office of Naval Research, administered by Dr. Christopher K. R. T. Jones in addition to a fellowship from the Statistical and Mathematical Sciences Institute. Steven earned his bachelor of science degree at the University of Maryland, Baltimore County under Dr. Matthias K. Gobbert. He has worked as a computer security consultant at Computer Sciences Corporation, including the development of the Hydra Expert Assessment Technology (HEAT), and as a research mathematician at Northrop Grumman, specializing in the optimization of radar design and signal processing. Steven has also provided his mathematical expertise to Foundstone on their Foundstone Enterprise product and has significant programming experience in C/C++, Perl, Python, HTML, Fortran, and Matlab. Upon finishing his degree at UNC, Steven will pursue a career in computational mathematics and a professional degree in finance.

Sommaire

Foreword
Programmer's Ultimate Security DeskRef: ASP
Programmer's Ultimate Security DeskRef: C
Programmer's Ultimate Security DeskRef: C++
Programmer's Ultimate Security DeskRef: C#
Programmer's Ultimate s||||rity DeskRef: ColdFusion
Programmer's Ultimate Security DeskRef: JavaScript
Programmer's Ultimate Security DeskRef: JScript
Programmer's Ultimate S|curity DeskRef: LISP
Programmer's Ultimate Security DeskRef: Perl
Programmer's Ultimate Spurity DeskRef; PHP
Programmer's Ultimate Security DeskRef; Python
Programmer's Ultimate Sicunty DeskRef: VBA
Programmer's Ultimate Security DeskRef: VBScript

Voir tout

Replier

Caractéristiques techniques

	PAPIER
Éditeur(s)	Syngress
Auteur(s)	James C. Foster, Steven C. Foster
Collection	4 Free Booklets Your Solutions Membership
Parution	03/12/2004
Nb. de pages	587
Format	20 x 23,5
Couverture	Broché
Poids	1108g
Intérieur	Noir et Blanc
EAN13	9781932266726
ISBN13	978-1-932266-72-6