Internet & World Wide Web - General & Miscellaneous, Security - Computer Networks, Computer Security, Programming - General & Miscellaneous, General Software Engineering

Building Secure Software: How to Avoid Security Problems the Right Way (paperback)

Name: Building Secure Software: How to Avoid Security Problems the Right Way (paperback)
Author: John Viega
ISBN: 9780321774958

by John Viega, Gary McGraw

Available on Bookshop Write a review

Books.org participates in affiliate programs including Bookshop.org and the Amazon Services LLC Associates Program. We may earn a commission from qualifying purchases made through links on this page, at no additional cost to you.

Overview

Most organizations have a firewall, anti-virus software, and intrusion detection systems, all intended to keep attackers out. So why is it that computer security is a bigger problem than ever before? The answer is simple--bad software lies at the heart of all computer security problems. Point solutions based on watching the network simply treat symptoms of the problem, and usually in a reactive way. If you are serious about computer security, you need to read this book.

This book includes many essential lessons intended for both security professionals, who have come to realize that software is the problem, and software developers, who intend to make their code behave.

Welcome to Building Secure Software, the book that cuts to the heart of computer security to help you get security right the first time. Make your software behave the way you want it to, and do security the right way.

Building Secure Software provides the expertise and techniques to help you ensure the security of essential software. By considering threats and vulnerabilities early in the development cycle, security that actually works can be built into your system. You'll learn how to determine an acceptable level of risk, develop security tests, and plug security holes before software is even shipped. Written for anyone involved in software development and use, from managers to coders, this book is your first step to building more secure software.

Inside you'll find the ten guiding principles for software security, as well as detailed coverage of:

Software risk management for security
Selecting technologies to make your code more secure
Security implications of open source and proprietary software
How to audit software
The dreaded buffer overflow
Access control and password authentication
Random number generation
Applying cryptography
Trust management and input
Client-Side security
Dealing with firewalls

Only by building secure software can you defend yourself against security breaches and gain the confidence that comes with knowing you won't have to play the "penetrate and patch" game anymore. Wouldn't you rather design things properly and thoroughly test your system than have your problems announced to the world on the front page? Let these expert authors help save you time, money, credibility, and your customer's trust.

About the Author, John Viega

John Viega, a leading security expert at Cigital/Reliable Software Technologies, has created many security tools, and is an active member of the Software Security Group. Gary McGraw, Vice President, Corporate Technology at Cigital, is a noted authority on mobile code and Java security. He chairs the National Infosec Research Council's Malicious Code Group, and is a consultant for VISA and the U.S. Federal Reserve.