The art of software security testing

The art of software security testing : identifying software security flaws / Chris Wysopal ... [et al.]. - Upper Saddle River, NJ : Addison-Wesley, c2007. - xxxii, 266 p. : ill. ; 24 cm.

Includes bibliographical references and index.

Case Your Own Joint: A Paradigm Shift from Traditional Software Testing -- How Vulnerabilities Get Into All Software -- The Secure Software Development Lifecycle -- Risk-Based Security Testing: Prioritizing Security Testing with Threat Modeling -- Shades of Analysis: White, Gray, and Black Box Testing -- Generic Network Fault Injection -- Web Applications: Session Attacks -- Web Applications: Common Issues -- Web Proxies: Using WebScarab -- Implementing a Custom Fuzz Utility -- Local Fault Injection.

“Risk-based security testing, the important subject of this book, is one of seven software security touchpoints introduced in my book, Software Security: Building Security In. This book takes the basic idea several steps forward. Written by masters of software exploit, this book describes in very basic terms how security testing differs from standard software testing as practiced by QA groups everywhere. It unifies in one place ideas from Michael Howard, David Litchfield, Greg Hoglund, and me into a concise introductory package. Improve your security testing by reading this book today.”

9780321304865 (pbk. : alk. paper)

2006027502


Computer security.
Computer networks -- Security measures.
Computer software -- Testing.
Computer software -- Reliability.

Web Application Software Testing

005.8