Building Secure Software: How to Avoid Security Problems the Right Way

Description
In Building Secure Software, two of the field's leading experts present a start-to-finish methodology for developing secure systems.

Program

In the age of e-Business, information security is no longer a minor detail: it's at the heart of every business process and relationship. And software - not firewalls, intrusion detection systems, or anything else - is at the heart of most security problems.


In Building Secure Software, two of the field's leading experts present a start-to-finish methodology for developing secure systems . They cover the entire software lifecycle, showing how to identify and respond to vulnerabilities as early in the process as possible, when security enhancements cost less - and are more effective.


In Part I, the authors focus on the security issues developers should face before writing any code, demonstrating how to integrate security into your entire software engineering practice. Part II focuses on implementation, showing developers how to avoid a wide range of common security problems.


The authors show how to determine acceptable levels of risk, develop effective security testing processes, and understand in advance how applications would behave in response to an attack. The book contains extensive C-based source code examples.
Inside you'll find the ten guiding principles for software security, as well as detailed coverage of:

• Software risk management for security
• Selecting technologies to make your code more secure
• Security implications of open source and proprietary software
• How to audit software
• The dreaded buffer overflow
• Access control and password authentication
• Random number generation
• Applying cryptography
• Trust management and input
• Client-side security
• Dealing with firewalls

Only by building secure software can you defend yourself against security breaches and gain the confidence that comes with knowing you won't have to play the "penetrate and patch" game anymore. Get it right the first time. Let the expert authors of this book show you how to properly design system; save time, money, and credibility; and preserve your customers' trust.

Reviews of the Book:
'This book is useful, practical, understandable, and comprehensive. The fact that you have this book in your hands is a step in the right direction. Read it, learn from it. And then put its lessons into practice.'
- Bruce Schneier, CTO, Counterpane, and author of Secrets and Lies


'A must-read for anyone writing software for the Internet.'
-Jeremy Epstein, Director, Product Security and Performance, webMethods


'This book tackles complex application security problems like buffer overflows, race conditions, and applied cryptography in a manner that is straightforward and easy to understand. This is a must for any application developer or security professional.'
-Paul Raines, Global Head of Information Risk Management, Barclays Capital

Authors: John Viega, Gary McGraw
Publisher: Addison Wesley Professional
ISBN 10: 020172152X
ISBN 13: 9780201721522
Pages: 528
Format: Hard Cover
Published Date: Oct 2001
Availability: Ex Stock

Order this essential, straightforward and easy to understand guide to software/application security today!