Developer's Guide to Web Application Security
Over 75% of network attacks are targeted at the web application layer. This book provides explicit hacks, tutorials, penetration tests, and step-by-step demonstrations for security professionals and Web application developers to defend their most vulnerable applications.

This book defines Web application security, why it should be addressed earlier in the lifecycle in development and quality assurance, and how it differs from other types of Internet security. Additionally, the book examines the procedures and technologies that are essential to developing, penetration testing and releasing a secure Web application. Through a review of recent Web application breaches, the book will expose the prolific methods hackers use to execute Web attacks using common vulnerabilities such as SQL Injection, Cross-Site Scripting and Buffer Overflows in the application layer. By taking an in-depth look at the techniques hackers use to exploit Web applications, readers will be better equipped to protect confidential.
1100665568
Developer's Guide to Web Application Security
Over 75% of network attacks are targeted at the web application layer. This book provides explicit hacks, tutorials, penetration tests, and step-by-step demonstrations for security professionals and Web application developers to defend their most vulnerable applications.

This book defines Web application security, why it should be addressed earlier in the lifecycle in development and quality assurance, and how it differs from other types of Internet security. Additionally, the book examines the procedures and technologies that are essential to developing, penetration testing and releasing a secure Web application. Through a review of recent Web application breaches, the book will expose the prolific methods hackers use to execute Web attacks using common vulnerabilities such as SQL Injection, Cross-Site Scripting and Buffer Overflows in the application layer. By taking an in-depth look at the techniques hackers use to exploit Web applications, readers will be better equipped to protect confidential.
54.95 In Stock
Developer's Guide to Web Application Security

Developer's Guide to Web Application Security

by Michael Cross MD
Developer's Guide to Web Application Security

Developer's Guide to Web Application Security

by Michael Cross MD

Overview

Over 75% of network attacks are targeted at the web application layer. This book provides explicit hacks, tutorials, penetration tests, and step-by-step demonstrations for security professionals and Web application developers to defend their most vulnerable applications.

This book defines Web application security, why it should be addressed earlier in the lifecycle in development and quality assurance, and how it differs from other types of Internet security. Additionally, the book examines the procedures and technologies that are essential to developing, penetration testing and releasing a secure Web application. Through a review of recent Web application breaches, the book will expose the prolific methods hackers use to execute Web attacks using common vulnerabilities such as SQL Injection, Cross-Site Scripting and Buffer Overflows in the application layer. By taking an in-depth look at the techniques hackers use to exploit Web applications, readers will be better equipped to protect confidential.

Product Details

ISBN-13: 9781597490610
Publisher: Elsevier Science
Publication date: 02/01/2007
Pages: 500
Product dimensions: 7.00(w) x 9.00(h) x (d)

About the Author

Michael Cross is a SharePoint Administrator and Developer, and has worked in the areas of software development, Web design, hardware installation/repairs, database administration, graphic design, and network administration. Working for law enforcement, he is part of an Information Technology team that provides support to over 1,000 civilian and uniformed users. His theory is that when the users carry guns, you tend to be more motivated in solving their problems.

Michael has a diverse background in technology. He was the first computer forensic analyst for a local police service, and performed digital forensic examinations on computers involved in criminal investigations. Over five years, he recovered and examined evidence involved in a wide range of crimes, inclusive to homicides, fraud, and possession of child pornography. In addition to this, he successfully tracked numerous individuals electronically, as in cases involving threatening e-mail. He has consulted and assisted in numerous cases dealing with computer-related/Internet crimes and served as an expert witness on computers for criminal trials. In 2007, he was awarded a Police Commendation for work he did in developing a system to track local high-risk offenders and sexual offenders.

With extensive experience in Web design and Internet-related technologies, Michael has created and maintained numerous Web sites and implementations of Microsoft SharePoint. This has included public Web sites, private ones on corporate intranets, and solutions that integrate them. In doing so, he has incorporated and promoted social networking features, created software to publish press releases online, and developed a wide variety of solutions that make it easier to get work done.

Michael has been a freelance writer and technical editor on over four dozen I.T. related books, as well as writing material for other genres. He previously taught as an instructor and has written courseware for IT training courses. He has also made presentations on Internet safety, SharePoint and other topics related to computers and the Internet. Despite his experience as a speaker, he still finds his wife won't listen to him.

Over the years, Michael has acquired a number of certifications from Microsoft, Novell and Comptia, including MCSE, MCP+I, CNA, Network+. When he isn’t writing or otherwise attached to a computer, he spends as much time as possible with the joys of his life: his lovely wife, Jennifer; darling daughter Sara; adorable daughter Emily; and charming son Jason.

For the latest information on him, his projects, and a variety of other topics, you can follow him on Twitter @mybinarydreams, visit his Facebook page at www.facebook.com/mybinarydreams, follow him on LinkedIn at www.linkedin.com/in/mcross1, or read his blog at http://mybinarydreams.wordpress.com.

Table of Contents

1: Hacking Methodology
2: How to Avoid Becoming a Code Grinder
3: Understanding the Risk Associated with Mobile Code
4: Vulnerable CGI Scripts
5: Hacking Techniques and Tools
6: Code Auditing and Reverse Engineering
7: Securing Your Java Code
8: Securing XML
9: Building Safe ActiveX Internet Controls
10: Securing ColdFusion
11: Developing Security-Enabled Applications
12: Cradle to Grave: Working with a Security Plan
From the B&N Reads Blog
Page 1 of

Related Subjects

Computers
Computer Programming
Networking & Telecommunications
Internet & World Wide Web
Software Engineering
Web Programming/Development
Network Programming
Security - Computer Networks
Web Servers
General Software Engineering
Web Application Development
Web applications->Development
Computers
Computer Programming
Networking & Telecommunications
Internet & World Wide Web
Software Engineering
Web Programming/Development
Network Programming
Security - Computer Networks
Web Servers
General Software Engineering
Web Application Development
Web applications->Development

Customer Reviews