Privacy Books - Page 12

Software Security: Building Security In (Addison-Wesley Software Security Series)

Gary McGraw

Amazon Price: $34.64 List Price: $54.99 Usually ships in 24 hours By: Addison-Wesley Professional Amazon Marketplace: 54 new & used starting at $19.79

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Home Computing -> Internet -> General AAS

Customer Reviews:
Total reviews: 19 Average rating: 5.0 of 5

Editorial Review:

This is the Mobipocket version of the print book. "When it comes to software security, the devil is in the details. This book tackles the details." --Bruce Schneier, CTO and founder, Counterpane, and author of Beyond Fear and Secrets and Lies "McGraw's book shows you how to make the 'culture of security' part of your development lifecycle." --Howard A. Schmidt, Former White House Cyber Security Advisor "McGraw is leading the charge in software security. His advice is as straightforward as it is actionable. If your business relies on software (and whose doesn't), buy this book and post it up on the lunchroom wall." --Avi Rubin, Director of the NSF ACCURATE Center; Professor, Johns Hopkins University; and coauthor of Firewalls and Internet Security Beginning where the best-selling book Building Secure Software left off, Software Security teaches you how to put software security into practice.The software security best practices, or touchpoints, described in this book have their basis in good software engineering and involve explicitly pondering security throughout the software development lifecycle.This means knowing and understanding common risks (including implementation bugsand architectural flaws), designing for security, and subjecting all software artifacts to thorough, objective risk analyses and testing. Software Security is about putting the touchpoints to work for you. Because you can apply these touchpoints to the software artifacts you already produce as you develop software, you can adopt this book's methods without radically changing the way you work. Inside you'll find detailed explanations of *Risk management frameworks and processes *Code review using static analysis tools *Architectural risk analysis *Penetration testing *Security testing *Abuse case development In addition to the touchpoints, Software Security covers knowledge management, training and awareness, and enterprise-level software security programs. Now that the world agrees that software security is central to computer security, it is time to put philosophy into practice. Create your own secure development lifecycle by enhancing your existing software development lifecycle with the touchpoints described in this book.Let this expert author show you how to build more secure software by building security in.

Real World Web Services

Will Iverson

Amazon Price: $19.77 List Price: $29.95 Usually ships in 24 hours By: O'Reilly Media, Inc. Amazon Marketplace: 35 new & used starting at $2.99

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Home Computing -> Internet -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> eBay
Subjects -> Computers & Internet -> Business & Culture -> Privacy

Customer Reviews:
Total reviews: 10 Average rating: 3.5 of 5

Editorial Review:

The core idea behind Real World Web Services is simple: after years of hype, what are the major players really doing with web services? Standard bodies may wrangle and platform vendors may preach, but at the end of the day what are the technologies that are actually in use, and how can developers incorporate them into their own applications? Those are the answers Real World Web Services delivers. It's a field guide to the wild and wooly world of non-trivial deployed web services. The heart of the book is a series of projects, demonstrating the use and integration of Google, Amazon, eBay, PayPal, FedEx, and many more web services. Some of these vendors have been extremely successful with their web service deployments: for example, eBay processes over a billion web service requests a month! The author focuses on building 8 fully worked out example web applications that incorporate the best web services available today. The book thoroughly documents how to add functionality like automating listings for auctions, dynamically calculating shipping fees, automatically sending faxes to your suppliers, using an aggregator to pull data from multiple news and web service feeds into a single format or monitoring the latest weblog discussions and Google searches to keep web site visitors on top of topics of interest-by integrating APIs from popular websites most people are already familiar with. For each example application, the author provides a thorough overview, architecture, and full working code examples. This book doesn't engage in an intellectual debate as to the correctness of web services on a theological level. Instead, it focuses on the practical, real world usage of web services as the latest evolution in distributed computing, allowing for structured communication via Internet protocols. As you ll see, this includes everything from sending HTTP GET commands to retrieving an XML document through the use of SOAP and various vendor SDKs.

SOA Security

Ramarao Kanneganti, Prasad Chodavarapu

Amazon Price: $41.99 List Price: $59.99 Usually ships in 24 hours By: Manning Publications Amazon Marketplace: 53 new & used starting at $34.39

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Home Computing -> Internet -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Certification Central -> Exams -> Security+

Customer Reviews:
Total reviews: 8 Average rating: 4.0 of 5

Editorial Review:

SOA is one of the latest technologies enterprises are using to tame their software costs - in development, deployment, and management. SOA makes integration easy, helping enterprises not only better utilize their existing investments in applications and infrastructure, but also open up new business opportunities. However, one of the big stumbling blocks in executing SOA is security. This book addresses Security in SOA with detailed examples illustrating the theory, industry standards and best practices.

It is true that security is important in any system. SOA brings in additional security concerns as well rising out of the very openness that makes it attractive. If we apply security principles blindly, we shut ourselves of the benefits of SOA. Therefore, we need to understand which security models and techniques are right for SOA. This book provides such an understanding.

Usually, security is seen as an esoteric topic that is better left to experts. While it is true that security requires expert attention, everybody, including software developers, designers, architects, IT administrators and managers need to do tasks that require very good understanding of security topics. Fortunately, traditional security techniques have been around long enough for people to understand and apply them in practice. This, however, is not the case with SOA Security.

Anyone seeking to implement SOA Security is today forced to dig through a maze of inter-dependent specifications and API docs that assume a lot of prior experience on the part of readers. Getting started on a project is hence proving to be a huge challenge to practitioners. This book seeks to change that. It provides bottom-up understanding of security techniques appropriate for use in SOA without assuming any prior familiarity with security topics on the part of the reader.

Unlike most other books about SOA that merely describe the standards, this book helps you get started immediately by walking you through sample code that illustrates how real life problems can be solved using the techniques and best practices described in standards. Whereas standards discuss all possible variations of each security technique, this book focusses on the 20% of variations that are used 80% of the time. This keeps the material covered in the book simple as well as self-sufficient for all readers except the most advanced.

Exploiting Software: How to Break Code (Addison-Wesley Software Security Series)

Greg Hoglund, Gary McGraw

Amazon Price: $34.64 List Price: $54.99 Usually ships in 24 hours By: Addison-Wesley Professional Amazon Marketplace: 59 new & used starting at $16.00

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Hacking

Customer Reviews:
Total reviews: 29 Average rating: 4.5 of 5

Editorial Review:

Computing hardware would have no value without software; software tells hardware what to do. Software therefore must have special authority within computing systems. All computer security problems stem from that fact, and Exploiting Software: How to Break Code shows you how to design your software so it's as resistant as possible to attack. Sure, everything's phrased in offensive terms (as instructions for the attacker, that is), but this book has at least as much value in showing designers what sorts of attacks their software will face (the book could serve as a checklist for part of a pre-release testing regimen). Plus, the clever reverse-engineering strategies that Greg Hoglund and Gary McGraw teach will be useful in many legitimate software projects. Consider this a recipe book for mayhem, or a compendium of lessons learned by others. It depends on your situation.

PHP programmers will take issue with the authors' blanket assessment of their language ("PHP is a study in bad security"), much of which seems based on older versions of the language that had some risky default behaviors--but those programmers will also double-check their servers' register_globals settings. Users of insufficiently patched Microsoft and Oracle products will worry about the detailed attack instructions this book contains. Responsible programmers and administrators will appreciate what amounts to documentation of attackers' rootkits for various operating systems, and will raise their eyebrows at the techniques for writing malicious code to unused EEPROM chips in target systems. --David Wall

Topics covered: How to make software fail, either by doing something it wasn't designed to do, or by denying its use to its rightful users. Techniques--including reverse engineering, buffer overflow, and particularly provision of unexpected input--are covered along with the tools needed to carry them out. A section on hardware viruses is detailed and frightening.

Pro PHP Security

Chris Snyder, Michael Southwell

Amazon Price: $36.98 List Price: $44.99 Usually ships in 24 hours By: Apress Amazon Marketplace: 48 new & used starting at $18.41

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Certification Central -> Exams -> Security+
Subjects -> Computers & Internet -> Networking -> Network Security

Customer Reviews:
Total reviews: 7 Average rating: 4.0 of 5

Very little about PHP security at all 1 out of 5 stars.
21 of 27 people found this review helpful.

The book is entitled PHP security. But the actual content covers very little PHP at
all: less than 20 percent. It tries to cover everything from UNIX permission,SSH
and all other security issues, but really doesn't have much to do with PHP. So I
think the title is highly misleading. For someone interested in the general
security issues, it might be a fine book. But not for programmers want to know
the security about PHP.

Editorial Review:

Pro PHP Security is one of the first books devoted solely to PHP security. It will serve as your complete guide for taking defensive and proactive security measures within your PHP applications. (And the methods discussed are compatible with PHP versions 3, 4, and 5.)

The knowledge you'll gain from this comprehensive guide will help you prevent attackers from potentially disrupting site operation or destroying data. And you'll learn about various security measures, for example, creating and deploying "captchas," validating e-mail, fending off SQL injection attacks, and preventing cross-site scripting attempts.

Foundations of Mac OS X Leopard Security (Books for Professionals by Professionals)

Charles Edge, William Barker, Zack Smith

Amazon Price: $26.39 List Price: $39.99 Usually ships in 24 hours By: Apress Amazon Marketplace: 46 new & used starting at $17.97

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Home Computing -> Internet -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Certification Central -> Exams -> Security+

Customer Reviews:
Total reviews: 3 Average rating: 4.0 of 5

Editorial Review:

Foundations of Mac OS X Leopard Security is written in part as a companion to the SANS Institute course for Mac OS X. It contains detailed Mac OS X security information, but also walkthroughs on securing systems. By using the SANS Institute course as a sister to the book, the focus includes both the beginning home user and the seasoned security professional not accustomed to the Mac, and allows this title to establish the “best practices” for Mac OS X for a wide audience. Additionally, the authors of the book are seasoned Mac and security professionals, having built many of the largest network infrastructures for Apple and spoken at both DefCon and Black Hat on OS X security.

What you’ll learn

• Security overview
• Walkthroughs to secure systems
• Walkthroughs and suggestions for third–party applications on systems
• Mac forensics
• Mac hacking
• Apple wireless security
• Mac OS X security

Who is this book for?

A wide audience of users, power users, and administrators who wish to make sure their Mac platform is secure.

Stealing the Network: How to Own the Box

Ryan Russell, Ido Dubrawsky, FX, Joe Grand, Tim Mullen

Amazon Price: $32.97 List Price: $49.95 Usually ships in 24 hours By: Syngress Amazon Marketplace: 38 new & used starting at $18.98

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Hacking

Customer Reviews:
Total reviews: 33 Average rating: 4.5 of 5

Editorial Review:

Stealing the Network is a book of science fiction. It's a series of short stories about characters who gain unauthorized access to equipment and information, or deny use of those resources to the people who are meant to have access to them. The characters, though sometimes well described, are not the stars of these stories. That honor belongs to the tools that the black-hat hackers use in their attacks, and also to the defensive measures arrayed against them by the hapless sysadmins who, in this volume, always lose. Consider this book, with its plentiful detail, the answer to every pretty but functionally half-baked user interface ever shown in a feature film.

One can read this book for entertainment, though its writing falls well short of cyberpunk classics like Burning Chrome and Snow Crash. Its value is in its explicit references to current technologies--Cisco routers, OpenSSH, Windows 2000--and specific techniques for hacking them (the heroes and heroines of this book are always generous with command-history dumps). The specific detail may open your eyes to weaknesses in your own systems (or give you some ideas for, ahem, looking around on the network). Alternately, you can just enjoy the extra realism that the detail adds to these stories of packetized adventure. --David Wall

Load Balancing Servers, Firewalls, and Caches

Chandra Kopparapu

Amazon Price: $39.99 List Price: $49.99 Usually ships in 24 hours By: Wiley Amazon Marketplace: 22 new & used starting at $20.74

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Privacy

Customer Reviews:
Total reviews: 9 Average rating: 5.0 of 5

Editorial Review:

From an industry insider--a close look at high-performance, end-to-end switching solutions
Load balancers are fast becoming an indispensable solution for handling the huge traffic demands of the Web. Their ability to solve a multitude of network and server bottlenecks in the Internet age ranges from dramatic improvements in server farm scalability to removing the firewall as a network bottleneck. This book provides a detailed, up-to-date, technical discussion of this fast-growing, multibillion dollar market, covering the full spectrum of topics--from server and firewall load balancing to transparent cache switching to global server load balancing. In the process, the author delivers insight into the way new technologies are deployed in network infrastructure and how they work. Written by an industry expert who hails from a leading Web switch vendor, this book will help network and server administrators improve the scalability, availability, manageability, and security of their servers, firewalls, caches, and Web sites.

Integrating ISA Server 2006 with Microsoft Exchange 2007

Fergus Strachan

Amazon Price: $32.97 List Price: $49.95 Usually ships in 24 hours By: Syngress Amazon Marketplace: 45 new & used starting at $25.95

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Computer Science -> General
Subjects -> Computers & Internet -> Computer Science -> General AAS

Editorial Review:

This book is a convenient, targeted, single-source guide to integrating Microsoft's ISA Server with Exchange 2007 SP1. Unlike longwinded "comprehensive resources" it doesn't waste time re-hashing general information on the architectures and purposes of ISA and Exchange for raw beginners. Instead, its pragmatic purpose is to smooth the path of the busy administrator who is under pressure to get the integration done quickly, and done right, the first time. It features "break-out sessions" for issues that require in-depth discussion, "tips and tricks" sections that hone in on and demystify trouble spots, and "FAQs" alphabetized by topic that act as a quick-reference for readers who just want a quick answer to a specific question.

Readers will learn how to:
*Create the protocol definitions and firewall policy to allow only authorized users to connect to your Exchange Server
*Configure SMTP Filtering and SMTP Message Screener
*Troubleshoot the SSL connection to your Exchange Server
*Take advantage of ISA 2006's integrated Exchange 2007 support
*Enable forms-based authentication for Outlook Web Access
*Leverage unified SSL, VPN, application-layer filtering and endpoint security
to optimize access for mobile devices
*Configure user-based settings to provide pre-authenticated access to specific Web applications
...and much more!

*Practical and focused, this guide explains explains everything you need to know in order to successfully integrate ISA 2006 and Exchange 2007, without wasting time on minutiae
*Tips and tricks from the expert author help you avoid pitfalls before you stumble into them, troubleshoot problems with ease, and optimize performance
*In-depth coverage of Exchange SP1 highlights the many security enhancements that optimize integration with ISA