Beginning where the best-selling book Building Secure Software left off, Software Security teaches you how to put software security into practice.The software security best practices, or touchpoints, described in this book have their basis in good software engineering and involve explicitly pondering security throughout the software development lifecycle. This means knowing and understanding common risks (including implementation bugsand architectural flaws), designing for security, and subjecting all software artifacts to thorough, objective risk analyses and testing.
Software Security is about putting the touchpoints to work for you. Because you can apply these touchpoints to the software artifacts you already produce as you develop software, you can adopt this book's methods without radically changing the way you work.
In addition to the touchpoints, Software Security covers knowledge management, training and awareness, and enterprise-level software security programs.
Now that the world agrees that software security is central to computer security, it is time to put philosophy into practice. Create your own secure development lifecycle by enhancing your existing software development lifecycle with the touchpoints described in this book. Let this expert author show you how to build more secure software by building security in.
Stealing the Network: How to Own the Box is a unique book in the fiction department. It combines stories that are fictional with technology that is real.While none of these specific events have happened, there is no reason why they could not.You could argue it provides a roadmap for criminal hackers, but I say it does something else: It provides a glimpse into the creative minds of some of today’s best hackers, and even the best hackers will tell you that the game is a mental one.The phrase “Root is a state of mind,” coined by K0resh and printed on shirts from DEF CON, sums this up nicely.While you may have the skills, if you lack the mental fortitude, you will never reach the top.This is what separates the truly elite hackers from the wannabe hackers.
The Ethical Hack: A Framework for Business Value Penetration Testing
lays out the underlying methodologies and concepts required for
performing successful and valuable penetration testing. The author
discusses the process of penetration testing from a consultative point
of view to ensure that the true value of the test is realized. He
supplies a technical perspective of the common tools and exploits used
by attackers along with the rational for why they are used and the
information they provide the attacker. Finally, the text brings it all
together in the form of attack scenarios to show the complete cycle of
the attack from the hacker's perspective to the client's.
In Hacking a Terror Network, Russ Rogers uses a fictional scenario to demonstrate how terrorists may use the Internet to coordinate and launch a new series of terrorist attacks.While the scenario may be fictitious, the techniques and technologies that Russ uses are drawn straight from the computer security world, making this not only an interesting literary read but also a technical manual on how covert channels work and how law enforcement and intelligence organizations can go about discovering and defeating them.This book is packed with real-life examples of how tools work, including screenshots and narrative tutorials. Both amateurs and seasoned security professionals will benefit