Developer's Guide to Web Application Security
3/5
()
About this ebook
This book defines Web application security, why it should be addressed earlier in the lifecycle in development and quality assurance, and how it differs from other types of Internet security. Additionally, the book examines the procedures and technologies that are essential to developing, penetration testing and releasing a secure Web application. Through a review of recent Web application breaches, the book will expose the prolific methods hackers use to execute Web attacks using common vulnerabilities such as SQL Injection, Cross-Site Scripting and Buffer Overflows in the application layer. By taking an in-depth look at the techniques hackers use to exploit Web applications, readers will be better equipped to protect confidential.
* The Yankee Group estimates the market for Web application-security products and services will grow to $1.74 billion by 2007 from $140 million in 2002 * Author Michael Cross is a highly sought after speaker who regularly delivers Web Application presentations at leading conferences including: Black Hat, TechnoSecurity, CanSec West, Shmoo Con, Information Security, RSA Conferences, and more * The Companion Web site will have downloadable code and scripts presented in the book (http://www.elsevierdirect.com/v2/companion.jsp?ISBN=9781597490610)
Michael Cross
Michael Cross is a SharePoint Administrator and Developer, and has worked in the areas of software development, Web design, hardware installation/repairs, database administration, graphic design, and network administration. Working for law enforcement, he is part of an Information Technology team that provides support to over 1,000 civilian and uniformed users. His theory is that when the users carry guns, you tend to be more motivated in solving their problems. Michael has a diverse background in technology. He was the first computer forensic analyst for a local police service, and performed digital forensic examinations on computers involved in criminal investigations. Over five years, he recovered and examined evidence involved in a wide range of crimes, inclusive to homicides, fraud, and possession of child pornography. In addition to this, he successfully tracked numerous individuals electronically, as in cases involving threatening e-mail. He has consulted and assisted in numerous cases dealing with computer-related/Internet crimes and served as an expert witness on computers for criminal trials. In 2007, he was awarded a Police Commendation for work he did in developing a system to track local high-risk offenders and sexual offenders. With extensive experience in Web design and Internet-related technologies, Michael has created and maintained numerous Web sites and implementations of Microsoft SharePoint. This has included public Web sites, private ones on corporate intranets, and solutions that integrate them. In doing so, he has incorporated and promoted social networking features, created software to publish press releases online, and developed a wide variety of solutions that make it easier to get work done. Michael has been a freelance writer and technical editor on over four dozen I.T. related books, as well as writing material for other genres. He previously taught as an instructor and has written courseware for IT training courses. He has also made presentations on Internet safety, SharePoint and other topics related to computers and the Internet. Despite his experience as a speaker, he still finds his wife won't listen to him. Over the years, Michael has acquired a number of certifications from Microsoft, Novell and Comptia, including MCSE, MCP+I, CNA, Network+. When he isn’t writing or otherwise attached to a computer, he spends as much time as possible with the joys of his life: his lovely wife, Jennifer; darling daughter Sara; adorable daughter Emily; and charming son Jason. For the latest information on him, his projects, and a variety of other topics, you can follow him on Twitter @mybinarydreams, visit his Facebook page at www.facebook.com/mybinarydreams, follow him on LinkedIn at www.linkedin.com/in/mcross1, or read his blog at http://mybinarydreams.wordpress.com.
Read more from Michael Cross
CompTIA Network+ Certification Study Guide: Exam N10-004: Exam N10-004 2E Rating: 4 out of 5 stars4/5The Basics of Cyber Safety: Computer and Mobile Device Safety Made Easy Rating: 5 out of 5 stars5/5Google Earth Forensics: Using Google Earth Geo-Location in Digital Forensic Investigations Rating: 4 out of 5 stars4/5Social Media Security: Leveraging Social Networking While Mitigating Risk Rating: 5 out of 5 stars5/5Botnets: The Killer Web Applications Rating: 5 out of 5 stars5/5Scene of the Cybercrime Rating: 4 out of 5 stars4/5Developer's Guide to Web Application Security Rating: 3 out of 5 stars3/5
Related to Developer's Guide to Web Application Security
Related ebooks
Stealing The Network: How to Own the Box Rating: 4 out of 5 stars4/5Firewall Policies and VPN Configurations Rating: 0 out of 5 stars0 ratingsHack Proofing Linux: A Guide to Open Source Security Rating: 5 out of 5 stars5/5Nessus, Snort, and Ethereal Power Tools: Customizing Open Source Security Applications Rating: 0 out of 5 stars0 ratingsBuilding DMZs For Enterprise Networks Rating: 4 out of 5 stars4/5Network Security Assessment: From Vulnerability to Patch Rating: 0 out of 5 stars0 ratingsSecurity Log Management: Identifying Patterns in the Chaos Rating: 3 out of 5 stars3/5Intrusion Prevention and Active Response: Deploying Network and Host IPS Rating: 3 out of 5 stars3/5How to Cheat at Configuring Open Source Security Tools Rating: 0 out of 5 stars0 ratingsDeveloper's Guide to Web Application Security Rating: 3 out of 5 stars3/5Wireshark & Ethereal Network Protocol Analyzer Toolkit Rating: 0 out of 5 stars0 ratingsMetasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research Rating: 0 out of 5 stars0 ratingsHow to Cheat at Securing a Wireless Network Rating: 2 out of 5 stars2/5Web Application Firewall Assurance Rating: 0 out of 5 stars0 ratingsHands-On Network Forensics: Investigate network attacks and find evidence using common network forensic tools Rating: 0 out of 5 stars0 ratingsMastering Modern Web Penetration Testing Rating: 0 out of 5 stars0 ratingsKali Linux – Assuring Security by Penetration Testing Rating: 3 out of 5 stars3/5Snort Intrusion Detection and Prevention Toolkit Rating: 5 out of 5 stars5/5Python Penetration Testing Essentials Rating: 5 out of 5 stars5/5Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide Rating: 5 out of 5 stars5/5Kali Linux 2: Windows Penetration Testing Rating: 5 out of 5 stars5/5Penetration Testing with BackBox Rating: 0 out of 5 stars0 ratingsBurp Suite Essentials Rating: 4 out of 5 stars4/5Securing the Cloud: Cloud Computer Security Techniques and Tactics Rating: 5 out of 5 stars5/5Mastering Kali Linux for Web Penetration Testing Rating: 4 out of 5 stars4/5Web Application Obfuscation: '-/WAFs..Evasion..Filters//alert(/Obfuscation/)-' Rating: 5 out of 5 stars5/5The Basics of Web Hacking: Tools and Techniques to Attack the Web Rating: 0 out of 5 stars0 ratingsNetcat Power Tools Rating: 3 out of 5 stars3/5Learn Kali Linux 2019: Perform powerful penetration testing using Kali Linux, Metasploit, Nessus, Nmap, and Wireshark Rating: 0 out of 5 stars0 ratings
Security For You
How to Be Invisible: Protect Your Home, Your Children, Your Assets, and Your Life Rating: 4 out of 5 stars4/5The Hacker Crackdown: Law and Disorder on the Electronic Frontier Rating: 4 out of 5 stars4/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5Cybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity Rating: 5 out of 5 stars5/5How to Become Anonymous, Secure and Free Online Rating: 5 out of 5 stars5/5Mike Meyers CompTIA Security+ Certification Passport, Sixth Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5CompTIA Network+ Review Guide: Exam N10-008 Rating: 0 out of 5 stars0 ratingsHacking: Ultimate Beginner's Guide for Computer Hacking in 2018 and Beyond: Hacking in 2018, #1 Rating: 4 out of 5 stars4/5Cybersecurity For Dummies Rating: 4 out of 5 stars4/5The Cyber Attack Survival Manual: Tools for Surviving Everything from Identity Theft to the Digital Apocalypse Rating: 0 out of 5 stars0 ratingsPractical Lock Picking: A Physical Penetration Tester's Training Guide Rating: 5 out of 5 stars5/5Social Engineering: The Science of Human Hacking Rating: 3 out of 5 stars3/5How to Hack Like a Pornstar Rating: 5 out of 5 stars5/5CompTIA CySA+ Practice Tests: Exam CS0-002 Rating: 0 out of 5 stars0 ratingsRemote/WebCam Notarization : Basic Understanding Rating: 3 out of 5 stars3/5CompTIA Security+ Study Guide: Exam SY0-601 Rating: 5 out of 5 stars5/5Wireless Hacking 101 Rating: 4 out of 5 stars4/5Make Your Smartphone 007 Smart Rating: 4 out of 5 stars4/5Network+ Study Guide & Practice Exams Rating: 4 out of 5 stars4/5The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers Rating: 4 out of 5 stars4/5Ultimate Guide for Being Anonymous: Hacking the Planet, #4 Rating: 5 out of 5 stars5/5Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5Dark Territory: The Secret History of Cyber War Rating: 4 out of 5 stars4/5CompTIA CySA+ Cybersecurity Analyst Certification Passport (Exam CS0-002) Rating: 5 out of 5 stars5/5Tor and the Dark Art of Anonymity Rating: 5 out of 5 stars5/5Codes and Ciphers Rating: 5 out of 5 stars5/5
Reviews for Developer's Guide to Web Application Security
1 rating0 reviews