19 Deadly Sins of Software Security
Writers: Michael Howard, David LeBlanc, John Viega
Published: 26 July 2005"Ninety-five percent of software bugs are caused by the same 19 programming flaws." Amit Yoran, Former Director of The Department of Homeland Security's National Cyber Security Division.
Secure your software by eliminating code vulnerabilities from the start. This essential book for all software developers--regardless of platform, language, and type of application--outlines the 19 sins of software security and shows how to fix each one. Best-selling authors Michael Howard and David LeBlanc, who teach Microsoft employees how to write secure code, have partnered with John Viega, the man who uncovered the 19 deadly programming sins to write this hands-on guide. Detailed code examples throughout show the code defects as well as the fixes and defenses. If you write code, you need this book. Eliminate these security flaws from your code:
- Buffer overruns
- Format string problems
- Integer overflows
- SQL injection
- Command injection
- Failure to handle errors
- Cross-site scripting
- Failure to protect network traffic
- Use of magic URLs and hidden forms
- Improper use of SSL
- Use of weak password-based systems
- Failure to store and protect data securely
- Information leakage
- Trusting network address resolution
- Improper file access
- Race conditions
- Unauthenticated key exchange
- Failure to use cryptographically strong random numbers
- Poor usability
Pages: 304
ISBN: 0072260858
ISBN-13: 978-0072260854
Buy at bookdepository.com free delivery worldwide.