Hunting Security Bugs

Description
Learn how to think like an attacker-and identify potential security issues in your software. In this essential guide, security testing experts offer practical, hands-on guidance and code samples to help you find, classify, and assess security bugs before your software is released.

Program

Your essential reference to software security testing-from the experts.


Learn how to think like an attacker-and identify potential security issues in your software. In this essential guide, security testing experts offer practical, hands-on guidance and code samples to help you find, classify, and assess security bugs before your software is released.

Discover how to:

• Identify high-risk entry points and create test cases.
• Test clients and servers for malicious request/response bugs.
• Use black box and white box approaches to help reveal security vulnerabilities.
• Uncover spoofing issues, including identity and user interface spoofing.
• Detect bugs that can take advantage of your program's logic, such as SQL injection.
• Test for XML, SOAP, and Web services vulnerabilities.
• Recognize information disclosure and weak permissions issues.
• Identify where attackers can directly manipulate memory.
• Test with alternate data representations to uncover canonicalization issues.
• Expose COM and ActiveX repurposing attacks.

PLUS -Get code samples and debugging tools on the Web.

Authors: Tom Gallagher; Bryan Jeffries; Lawrence Landauer
Publisher: Microsoft Press
ISBN 10: 073562187X
ISBN 13: 9780735621879
Pages: 592
Format: Soft Cover
Published Date: 30/08/2006
Availability: Ex Stock