Hunting Security Bugs

Hunting Security Bugs

by TomGallagher (Author), Bryan Jeffries (Author), Lawrence Landauer (Author)

Synopsis

Learn how to think like an attacker-and identify potential security issues in your software. In this essential guide, security testing experts offer practical, hands-on guidance and code samples to help you find, classify, and assess security bugs before your software is released.

Discover how to:

  • Identify high-risk entry points and create test cases
  • Test clients and servers for malicious request/response bugs
  • Use black box and white box approaches to help reveal security vulnerabilities
  • Uncover spoofing issues, including identity and user interface spoofing
  • Detect bugs that can take advantage of your program's logic, such as SQL injection
  • Test for XML, SOAP, and Web services vulnerabilities
  • Recognize information disclosure and weak permissions issues
  • Identify where attackers can directly manipulate memory
  • Test with alternate data representations to uncover canonicalization issues
  • Expose COM and ActiveX repurposing attacks


PLUS-Get code samples and debugging tools on the Web

$25.94

Save:$23.59 (48%)

Quantity

1 in stock

More Information

Format: Paperback
Pages: 592
Edition: 1
Publisher: MICROSOFT PRESS
Published: 06 Sep 2006

ISBN 10: 073562187X
ISBN 13: 9780735621879

Author Bio

Bryan Jeffries is a software engineer responsible for driving security testing on Microsoft SharePoint Products and Technologies.