Despite their myriad manifestations and different targets, nearly all attacks on computer systems have one fundamental cause: the code used to run far too many systems today is not secure. Flaws in its design, implementation, testing, and operations allow attackers all-too-easy access. Secure Coding: Principles & Practices looks at the problem of bad code in a new way. Packed with advice based on the authors' decades of experience in the computer security field, this concise and highly readable book explains why so much code today is filled with vulnerabilities, and tells readers what they must do to avoid writing code that can be exploited by attackers.

Most businesses are aware of the danger posed by malicious network intruders and other internal and external security threats. Unfortunately, in many cases the actions they have taken to secure people, information and infrastructure from outside attacks are inefficient or incomplete. Responding to security threats and incidents requires a competent mixture of risk management, security policies and procedures, security auditing, incident response, legal and law enforcement issues, and privacy. Critical Incident Management presents an expert overview of the elements that organizations need to address in order to prepare for and respond to network and information security violations. Written in a concise, practical style that emphasizes key points, this guide focuses on the establishment of policies and actions that prevent the loss of critical information or damage to infrastructure.CTOs, CFOs, Chief Legal Officers, and senior IT managers can rely on this book to develop plans that thwart critical security incidents. And if such incidents do occur, these executives will have a reference to help put the people and procedures in place to contain the damage and get back to business.

The Security+ certification was developed by CompTIA in response to corporate and government requests for a certification that validates foundation-level IT security skills. Topics covered include access control, authentication, intrusion detection, malicious code, cryptography, physical security, disaster recovery, policies and procedures, and more. Sybex is proud to server as a Cornerstone member of the Security+ advisory committee.
The Perfect Preparation and Review Resource
Security+ Fast Pass is the streamlined tool you need to bone up for the Security+ exam [SYO-101]. The enclosed CD lets you practice, practice, practice, and you'll keep the book--packed with concise, objective-focused coverage and review questions--at your side until the minute you sit down to take the test.
Coverage includes:
* Understanding general security concepts
* Assessing risk
* Securing communications
* Implementing wireless security features
* Configuring a firewall
* Detecting intrusions
* Securing your organization's infrastructure
* Understanding the basics of cryptography
* Managing security keys and certificates
* Ensuring operational and organizational security
* Recovering from disasters

Knowledge of number theory and abstract algebra are pre-requisites for any engineer designing a secure internet-based system.
However, most of the books currently available on the subject are aimed at practitioners who just want to know how the various tools available on the market work and what level of security they impart. These books traditionally deal with the science and mathematics only in so far as they are necessary to understand how the tools work.
Internet Security differs by its assertion that cryptography is the single most important technology for securing the Internet. To quote one reviewer "if every one of your communication partners were using a secure system based on encryption, viruses, worms and hackers would have a very hard time". This scenario does not reflect the reality of the Internet world as it currently stands. However, with security issues becoming more and more important internationally, engineers of the future will be required to design tougher, safer systems

Secure Windows 2000 Server, Windows XP systems, and Windows Server 2003. The book explains how to follow reference matrixes of useful services for Windows and UNIX. Plus, you’ll learn best practices for trace routing and source address location.

"Surprisingly complete. I have found this book to be quite useful and a great time-saver. There is nothing more irritating than thrashing in a search engine trying to remember some obscure tool or an obscure tool's obscure feature. A great reference for the working security consultant."
- Simple Nomad - Renowned Security Researcher and Author of The Hack FAQ

"While a little knowledge can be dangerous, no knowledge can be deadly. HackNotes: Network Security Portable Reference covers an immense amount of information readily available that is required for network and system administrators, who need the information quickly and concisely. This book is a must-have reference manual for any administrator."
- Ira Winkler - Chief Security Strategist at HP, security keynote speaker and panelist