The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities

The definitive insider's guide to auditing software security is penned by leading security consultants who have personally uncovered vulnerabilities in applications ranging from "sendmail" to Microsoft Exchange, Check Point VPN to Internet Explorer. Drawing on their extraordinary experience, they introduce a start-to-finish methodology for "ripping apart" applications to reveal even the most subtle and well-hidden security flaws.



30 reviews for The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities

  1. 4 out of 5

    Vasil Kolev

    It's somewhat like a horror story, except that instead of looking for monsters under the bed, every 20-30 pages you leave the book and go look for something in your code. The book is a comprehensive reference for most of the issues and techniques needed to do security audits of source code. It's probably the best (and I think only) introductory and complete text you can find, is well written and systematical. The last chapter seems rushed, and I think there's more to be said about some of the web problems (notably it seems to be missing cross-site request forging), but the rest of the book was very good, especially the chapter on C.

  2. 4 out of 5

    Justy

    Great higher-level overview of application security and while it cannot get into all of the nitty-gritty, it gives enough that the reader would be able to identify and know how to seek out more detailed information on specific vulnerabilities. This book is more focused on application security rather than network. You should definitely have a programming background but it's not a difficult read, moves at a nice pace and ramps well. I read the entire book in a couple of months and while it is 10 years old, it is general enough that I keep it as a reference.

  3. 4 out of 5

    Freddie Barr-Smith

    Recommended by one of my heroes, Natalie Silvanovich - https://googleprojectzero.blogspot.co..., this book is a real goldmine.

  4. 5 out of 5

    Long Nguyen

    There are many different techniques & strategies to write good code, to test code, or to review other people's code. The book explains concepts & definitions very clearly & is easy to understand. It definitely helped me a lot.

  5. 4 out of 5

    Jason Copenhaver

    A comprehensive discussion of Software Security Assessment. While there are new things it doesn't cover, the fundamentals are all there. The suggested tracks are a big help as well if you don't want to try and tackle the whole book at once.

  6. 4 out of 5

    Tyler

    Seems to be great! Moving over to reference material.

  7. 4 out of 5

    Tom

    One of the best security books out there.

  8. 4 out of 5

    H M

    A must-read for anyone involved in software security.

  9. 4 out of 5

    Jay

    This book is amazing. Between the abstract concepts and the comprehensive code examples, whether you're a developer or security professional, you must read this book.

  10. 5 out of 5

    Nguyên Illuminate

    I think this book is good

  11. 5 out of 5

    Asem Nofal

  12. 5 out of 5

    James

  13. 5 out of 5

    Merili

  14. 5 out of 5

    Joshua Bowser

  15. 5 out of 5

    Suka Juka

  16. 5 out of 5

    Bikash Kumar

  17. 5 out of 5

    Gvfdsdfa

  18. 5 out of 5

    Dinusha

  19. 5 out of 5

    Chris Clark

  20. 5 out of 5

    Dan Anderson

  21. 4 out of 5

    Christian

  22. 4 out of 5

    Xing Tang

  23. 4 out of 5

    Yo Sa

  24. 5 out of 5

    Daniel Miessler

  25. 5 out of 5

    Apostolos Zacharopoulos

  26. 4 out of 5

    Lisa

  27. 5 out of 5

    Vlad

  28. 5 out of 5

    Jackson

  29. 5 out of 5

    Faiz Hibatuloh

  30. 5 out of 5

    Steven Maestas
