Secure Programming with Static Analysis Ebook

,
Publication: Addison Wesley Professional
 
Is my Device Supported?

You're about to purchase a Downloadable Ebook

Hi, sorry for the interruption!
We're repeating some important information here to ensure that you're making an informed purchase. Please review it.

  • Don't get caught unaware. Preview ebook and open the sample ebook on each of your intended devices before continuing.
  • You will need a Free 3rd-party application that can read the intermediate .acsm file you will receive as download. PDF/Epub format is downloaded automatically by the application thereafter. Please install the necessary software first on your intended device of use.
  • - Printing is permitted.
    - Copying 62 text selections every 30 days is allowed.
  • Refund Policy
    Refunds are not allowed after the ebook is opened so please open the ebook directly on your intended device. Refund requests should be recieved within 7 days after download is made available. Of course, if you get an incorrect ebook ( different from what is mentioned in the title) or if the ebook doesn't open on the initial device, then we'll assist with fixing the issue or get you a refund if a timely fix isn't available.
  • Customer Service
    We currently only provide ticket (online form submission) or email support. Rest assured that you're in good hands; customers like our professional service!
I have previewed the ebook and read the requirements and terms.
Cancel

Language: English
Publication Date: June 2007
File Size: 7527 Kbytes

Restrictions set by Publisher:
- Text-to-speech feature is available.
- Printing is permitted.
- Copying 62 text selections every 30 days is allowed.
- Free application Adobe Digital Editions, Aldiko reader, or Bluefire reader required .
$39.99
Change Region
 
ISBN: 9780321520357   Should I buy this Ebook?   Write a Review

Description

(E-Books do not include any DVD or CD with the purchase.)

"

The First Expert Guide to Static Analysis for Software Security!

Creating secure code requires more than just good intentions. Programmers need to know that their code will be safe in an almost infinite number of scenarios and configurations. Static source code analysis gives users the ability to review their work with a fine-toothed comb and uncover the kinds of errors that lead directly to security vulnerabilities. Now, there’s a complete guide to static analysis: how it works, how to integrate it into the software development processes, and how to make the most of it during security code review. Static analysis experts Brian Chess and Jacob West look at the most common types of security defects that occur today. They illustrate main points using Java and C code examples taken from real-world security incidents, showing how coding errors are exploited, how they could have been prevented, and how static analysis can rapidly uncover similar mistakes. This book is for everyone concerned with building more secure software: developers, security engineers, analysts, and testers.

Coverage includes:

Why conventional bug-catching often misses security problems

How static analysis can help programmers get security right

The critical attributes and algorithms that make or break a static analysis tool

36 techniques for making static analysis more effective on your code

More than 70 types of serious security vulnerabilities, with specific solutions

Example vulnerabilities from Firefox, OpenSSH, MySpace, eTrade, Apache httpd, and many more

Techniques for handling untrusted input

Eliminating buffer overflows: tactical and strategic approaches

Avoiding errors specific to Web applications, Web services, and Ajax

Security-aware logging, debugging, and error/exception handling

Creating, maintaining, and sharing secrets and confidential information

Detailed tutorials that walk you through the static analysis process

BRIAN CHESS is Founder and Chief Scientist of Fortify Software, where his research focuses on practical methods for creating secure systems. He holds a Ph.D. in Computer Engineering from University of California Santa Cruz, where he studied the application of static analysis to finding security-related code defects.

JACOB WEST manages Fortify Software’s Security Research Group, which is responsible for building security knowledge into Fortify’s products. He brings expertise in numerous programming languages, frameworks, and styles together with deep knowledge about how real-world systems fail.

CD contains a working demonstration version of Fortify Software’s Source Code Analysis (SCA) product; extensive Java and C code samples; and the tutorial chapters from the book in PDF format.

"

Recommendations:

Demystifying the IPsec Puzzle ebook cover
Save 11.12%

Should you buy this Ebook?

We've put together a collection of resources to help you make a decision regarding whether you should buy this Ebook from us.

  1. Is your device one of these? Ebook reading software will work on the following devices: Windows, Mac, Android 2.2+ Devices, IPad (iOS 3+), IPhone (iOS 3+), Kindle Fire. Several other devices are also supported by the software.
  2. Compare prices. Our price is $39.99. If you would like to research our competitors to see their prices. Here're some places to look:
  3. Why should you buy Ebooks from onlinebookplace.com?

    We've had 1000s of downloads so far and with over 300000+ Ebooks to choose from, onlinebookplace.com is becoming a favorite Ebook Store for many. Allow us to win you over with our competitive pricing, upfront policies and diligent customer service.

    We're Upfront:

    • Every Ebook page on onlinebookplace.com has information on restrictions that publishers have placed on the Ebook along with a clear indication of software required to read the Ebooks.
    • If ratings for an Ebook are available from one of several sources online, then we've attempted to get those to help you make a better purchasing decision about the Ebook. Reviews from Goodreads (a popular reviews site) are provided on the same if they're available.
    • In most cases, we've also attempted to get you links to the Ebook on our competitor's site so that you can compare prices with relative ease.
    • We use McAfee to scan for any vulnerabilities in the system to ensure that any information that you give us does not fall into the wrong hands.
    • We use Paypal, a trusted 3rd party payment provider to accept Payments -- your payment information doen't reside with us. Any information that does end up with us is safe.

After installing the appropriate app for your device, try a Sample Download (Sherlock Holmes from Project Gutenberg) before purchase. The sample is only for checking device compatibility.

Check below for device compatibility and any free 3rd-party software requirements. Choice of what ebook reading app to use is yours, we only present a few common apps that several customers of ours have preferred. You should be able to transfer your purchase to more than one (upto 6) compatible devices as long as your ebook-reading apps have been registered with the same Adobe ID before opening the file.

Computers/laptops/Mac

Windows/Mac PC or Laptop

Free app Adobe Digital Editions required. Note that this software is not the same as Adobe Reader.

Android

Android 2.1+

Free app Aldiko Reader or Bluefire Reader required.

Kindle Fire (and any Android based Kindle models)

Free Kindle Android app Bluefire Reader required.

IPhone/IPad

IPad or IPhone

Free app Bluefire Reader required. Kindly review their tutorial for the requirement (note that while they're talking about library ebooks, same applies to your purchased .acsm file) -- feel free to use the sample download for testing. Tutorial .

Other E-Reader

Several Other devices supported

Devices like Nook are supported via the free application Adobe Digital Editions . This software is not the same as Adobe Reader. Please check compatibility of your device before purchase.

Secure Programming with Static Analysis