
The art of software security testing : identifying software security flaws / Chris Wysopal ... [et al.].

Contributor(s):
Material type: Text
Publication details: Upper Saddle River, NJ : Addison-Wesley, c2007.
Description: xxxii, 266 p. : ill. ; 24 cm
ISBN:
  • 9780321304865 (pbk. : alk. paper)
Subject(s):
DDC classification:
  • 005.8   22
Contents:
Case Your Own Joint: A Paradigm Shift from Traditional Software Testing -- How Vulnerabilities Get Into All Software -- The Secure Software Development Lifecycle -- Risk-Based Security Testing: Prioritizing Security Testing with Threat Modeling -- Shades of Analysis: White, Gray, and Black Box Testing -- Generic Network Fault Injection -- Web Applications: Session Attacks -- Web Applications: Common Issues -- Web Proxies: Using WebScarab -- Implementing a Custom Fuzz Utility -- Local Fault Injection.
Summary: “Risk-based security testing, the important subject of this book, is one of seven software security touchpoints introduced in my book, Software Security: Building Security In. This book takes the basic idea several steps forward. Written by masters of software exploit, this book describes in very basic terms how security testing differs from standard software testing as practiced by QA groups everywhere. It unifies in one place ideas from Michael Howard, David Litchfield, Greg Hoglund, and me into a concise introductory package. Improve your security testing by reading this book today.”
Holdings:
  • Item type: Books
  • Current library: Main library General Stacks
  • Call number: 005.8 / WY.A 2007
  • Copy number: 1
  • Status: Available
  • Date due:
  • Barcode: 006551

Includes bibliographical references and index.
