- Paperback: 352 pages
- Publisher: McGraw-Hill Education (January 1, 2012)
- Series: Beginner's Guide
- Language: English
- ISBN-10: 0071776168
- ISBN-13: 978-0071776165
Amazon Best Sellers Rank:
No. 483,735 in Foreign Language Books
- No. 1384 in Foreign Language Books > Computing, Internet and Digital Media > Computer Security
- No. 2941 in Foreign Language Books > Computing, Internet and Digital Media > Networking and System Administration
- No. 4059 in Foreign Language Books > Computing, Internet and Digital Media > Internet and Web
Web Application Security, A Beginner's Guide (English) Paperback – 1 Jan 2012
Product description
Publisher's review
Security Smarts for the Self-Guided IT Professional
“Get to know the hackers―or plan on getting hacked. Sullivan and Liu have created a savvy, essentials-based approach to web app security packed with immediately applicable tools for any information security practitioner sharpening his or her tools or just starting out.” ―Ryan McGeehan, Security Manager, Facebook, Inc.
Secure web applications from today's most devious hackers. Web Application Security: A Beginner's Guide helps you stock your security toolkit, prevent common hacks, and defend quickly against malicious attacks.
This practical resource includes chapters on authentication, authorization, and session management, along with browser, database, and file security--all supported by true stories from industry. You'll also get best practices for vulnerability detection and secure development, as well as a chapter that covers essential security fundamentals. This book's templates, checklists, and examples are designed to help you get started right away.
Web Application Security: A Beginner's Guide features:
- Lingo--Common security terms defined so that you're in the know on the job
- IMHO--Frank and relevant opinions based on the authors' years of industry experience
- Budget Note--Tips for getting security technologies and processes into your organization's budget
- In Actual Practice--Exceptions to the rules of security explained in real-world contexts
- Your Plan--Customizable checklists you can use on the job now
- Into Action--Tips on how, why, and when to apply new skills and techniques at work
About the author
Bryan Sullivan is a senior security researcher at Adobe Systems, where he focuses on web and cloud security issues. He was previously a security program manager on the Microsoft Security Development Lifecycle team and a development manager at HP, where he helped to design HP's vulnerability scanning tools, Webinspect and Devinspect.
Vincent Liu, CISSP, is a managing partner at Stach & Liu. He previously led the Attack & Penetration and Reverse Engineering teams for Honeywell's Global Security group and was an analyst at the National Security Agency. Vincent is a coauthor of Hacking Exposed: Web Applications, Third Edition and Hacking Exposed Wireless, Second Edition.
Customer reviews
Most helpful customer reviews on Amazon.com
I teach a basic security class for web application developers, and this is the book I used for the most recent iteration of the class. It was perfect for the class. Technology agnostic, a reasonable length, and easily accessible by people with web app development experience but not necessarily security experience. Unlike most security books, which are often a catalog of "bad things that can happen", Sullivan and Liu's book covers the topic from the direction of teaching fundamental security principles first, and applying those principles to topics such as authentication, authorization, browser security, and database security. It does very little to cover specific technologies. The developer will probably need to use other technology specific references, but reading this book first will give developers the background they need to apply security principles to their own technology.
The writing is excellent. The material is basic enough for the beginner in security, but in-depth enough that I learned quite a bit, even after several years of experience in app security. The authorization chapter, in particular, should be required reading. After reading that chapter, I finally understood concepts that I'd always struggled with.
I would give this book 4.5 stars, which rounded to 5. The missing 0.5 star is because this book, with all broad material, is sometimes not deep and not thorough enough, IMHO. When reading this book, I frequently had to look into Wikipedia to get a clear understanding of the concepts. Some of the advice are good rules of thumb, but the author fails to explain why they are so good. I understand that one cannot cover everything in one book for beginners, but I would prefer if the author were more academical.
It is a good purchase for people without Web Application Security notions, but can be underwhelming for those with some security background, especially since it focuses mostly on the OWASP Top Ten (2013 if I recall correctly).