Web Security Testing Cookbook: Systematic Techniques to Find Problems Fast Contributor(s): Hope, Paco (Author), Walther, Ben (Author) |
|
ISBN: 0596514832 ISBN-13: 9780596514839 Publisher: O'Reilly Media OUR PRICE: $35.99 Product Type: Paperback - Other Formats Published: November 2008 Annotation: This book arms web developers with recipes for testing the security of their applications -- using free tools that work on any web platform. Unlike most security books, which are aimed at security professionals, this Cookbook is for people at the root of the problem: the web developers. It offers scores of recipes for testing web applications, from relatively simple solutions to complex ones that combine several solutions. This practical book focuses on how to test web applications -- not what web security consists of or why developers should test. |
Additional Information |
BISAC Categories: - Computers | Security - Online Safety & Privacy - Computers | Security - General - Computers | Web - Browsers |
Dewey: 005.14 |
Physical Information: 0.9" H x 7" W x 9.1" (1.10 lbs) 312 pages |
Descriptions, Reviews, Etc. |
Publisher Description: Among the tests you perform on web applications, security testing is perhaps the most important, yet it's often the most neglected. The recipes in the Web Security Testing Cookbook demonstrate how developers and testers can check for the most common web security issues, while conducting unit tests, regression tests, or exploratory tests. Unlike ad hoc security assessments, these recipes are repeatable, concise, and systematic-perfect for integrating into your regular test suite.
Don't live in dread of the midnight phone call telling you that your site has been hacked. With Web Security Testing Cookbook and the free tools used in the book's examples, you can incorporate security coverage into your test suite, and sleep in peace. |
Contributor Bio(s): Hope: - Paco Hope is a Technical Manager at Cigital, Inc. and co-author of Mastering FreeBSD and OpenBSD Security (April 2005, O'Reilly, ISBN 0596006268). Mr. Hope has also published articles on Misuse and Abuse Cases and PKI. He has been invited to conferences to speak on topics such as software security re-quirements, web application security, and embedded system security. At Cigi-tal, he has served as a subject matter expert to MasterCard International for security policies and has assisted a Fortune 500 hospitality company in writ-ing software security policy. He also trains software developers and testers in the fundamentals of software security. In the gaming and mobile communica-tions industries he has advised several companies on software security. Mr. Hope majored in Computer Science and English at The College of William and Mary and received an M.S. in Computer Science from the University of Virginia.Hope, Paco: - Paco Hope is a Technical Manager at Cigital, Inc. and co-author of Mastering FreeBSD and OpenBSD Security (April 2005, O'Reilly, ISBN 0596006268). Mr. Hope has also published articles on Misuse and Abuse Cases and PKI. He has been invited to conferences to speak on topics such as software security re-quirements, web application security, and embedded system security. At Cigi-tal, he has served as a subject matter expert to MasterCard International for security policies and has assisted a Fortune 500 hospitality company in writ-ing software security policy. He also trains software developers and testers in the fundamentals of software security. In the gaming and mobile communica-tions industries he has advised several companies on software security. Mr. Hope majored in Computer Science and English at The College of William and Mary and received an M.S. in Computer Science from the University of Virginia. Walther, Ben: - "Ben Walther is a consultant at Cigital and contributor to the Edit Cookies tool. He has a hand in both normal Quality Assurance and Software Security. Day to day, he designs and executes tests - and so he understands the need for simple recipes, in the hectic QA world. Yet he has also given talks on web ap-plication testing tools to members of the Open Web Application Security Pro-ject (OWASP). Through Cigital, he tests systems ranging from financial data processing to slot machines. Mr. Walther has a B.S. in Information Science from Cornell University. " |