定價
:NT$ 1360 元優惠價
:90 折 1224 元
絕版無法訂購
相關商品
商品簡介
作者簡介
商品簡介
Security Smarts for the Self-Guided IT Professional
Secure web application from today's most devious hackers. Web Application Security: A Beginner's Guide helps you stock your security toolkit, prevent common hacks, and defend quickly against malicious attacks.
This practical resource includes chapters on authentication, authorization, and session management, along with browser, database, and file security--all supported by true stories from industry. You'll also get best practices for vulnerability detection and secure development, as well as a chapter that covers essential security fundamentals. This book's templates, checklists, and examples are designed to help you get started right away.
Web Application Security: A Beginner's Guide features:
Lingo--Common security terms defined so that you're in the know on the job
IMHO--Frank and relevant opinions based on the authors' years of industry experience
Budget Note--Tips for getting security technologies and processes into your organization's budget
In Actual Practice--Exceptions to the rules of security explained in real-world contexts
Your Plan--Customizable checklists you can use on the job now
Into Action--Tips on how, why, and when to apply new skills and techniques at work
Bryan Sullivan is a senior security researcher at Adobe Systems, where he focuses on web and cloud security issues. He was previously a security program manager on the Microsoft Security Development Lifecycle team and a development manager at HP, where he helped to design HP's vulnerability scanning tools, Webinspect and Devinspect.
Vincent Liu, CISSP, is a managing partner at Stach & Liu. He previously led the Attack & Penetration and Reverse Engineering teams for Honeywell's Global Security group and was an analyst at the National Security Agency. Vincent is a coauthor of Hacking Exposed: Web Applications, Third Edition and Hacking Exposed Wireless, Second Edition.
About the author
Vincent Liu, CISSP, is a managing partner at Stach & Liu. He previously led the Attack & Penetration and Reverse Engineering teams for Honeywell's Global Security group and was an analyst at the National Security Agency. Vincent speaks at industry conferences, including Black Hat, ToorCon, and Microsoft's BlueHat. He is a co-author of Hacking Exposed Web Applications, Third Edition and Hacking Exposed Wireless, Second Edition.
Bryan Sullivan, Senior Security Researcher at Adobe Systems, was previously Security Program Manager at Microsoft and a development manager at HP, where he helped to design HP's vulnerability scanning tools WebInspect and DevInspect. Bryan speaks at industry conferences such as Black Hat, RSA, BlueHat and TechEd.
Table of contents
Part I: Primer
Chapter 1. Welcome to the Wide World of Web Application Security
Chapter 2. Security Fundamentals
Part II: Web Application Security Principles
Chapter 3. Authentication
Chapter 4. Authorization
Chapter 5. Browser Security Principles: The Same-Origin Policy
Chapter 6. Browser Security Principles: Cross-Site Scripting and Cross-Site Request Forgery
Chapter 7. Database Security Principles
Chapter 8. File Security Principles
Part III: Secure Development and Deployment
Chapter 9. Secure Development Methodologies
Epilogue: The Wizard, the Giant, and the Magic Fruit Trees: A Happy Ending
Index
Secure web application from today's most devious hackers. Web Application Security: A Beginner's Guide helps you stock your security toolkit, prevent common hacks, and defend quickly against malicious attacks.
This practical resource includes chapters on authentication, authorization, and session management, along with browser, database, and file security--all supported by true stories from industry. You'll also get best practices for vulnerability detection and secure development, as well as a chapter that covers essential security fundamentals. This book's templates, checklists, and examples are designed to help you get started right away.
Web Application Security: A Beginner's Guide features:
Lingo--Common security terms defined so that you're in the know on the job
IMHO--Frank and relevant opinions based on the authors' years of industry experience
Budget Note--Tips for getting security technologies and processes into your organization's budget
In Actual Practice--Exceptions to the rules of security explained in real-world contexts
Your Plan--Customizable checklists you can use on the job now
Into Action--Tips on how, why, and when to apply new skills and techniques at work
Bryan Sullivan is a senior security researcher at Adobe Systems, where he focuses on web and cloud security issues. He was previously a security program manager on the Microsoft Security Development Lifecycle team and a development manager at HP, where he helped to design HP's vulnerability scanning tools, Webinspect and Devinspect.
Vincent Liu, CISSP, is a managing partner at Stach & Liu. He previously led the Attack & Penetration and Reverse Engineering teams for Honeywell's Global Security group and was an analyst at the National Security Agency. Vincent is a coauthor of Hacking Exposed: Web Applications, Third Edition and Hacking Exposed Wireless, Second Edition.
About the author
Vincent Liu, CISSP, is a managing partner at Stach & Liu. He previously led the Attack & Penetration and Reverse Engineering teams for Honeywell's Global Security group and was an analyst at the National Security Agency. Vincent speaks at industry conferences, including Black Hat, ToorCon, and Microsoft's BlueHat. He is a co-author of Hacking Exposed Web Applications, Third Edition and Hacking Exposed Wireless, Second Edition.
Bryan Sullivan, Senior Security Researcher at Adobe Systems, was previously Security Program Manager at Microsoft and a development manager at HP, where he helped to design HP's vulnerability scanning tools WebInspect and DevInspect. Bryan speaks at industry conferences such as Black Hat, RSA, BlueHat and TechEd.
Table of contents
Part I: Primer
Chapter 1. Welcome to the Wide World of Web Application Security
Chapter 2. Security Fundamentals
Part II: Web Application Security Principles
Chapter 3. Authentication
Chapter 4. Authorization
Chapter 5. Browser Security Principles: The Same-Origin Policy
Chapter 6. Browser Security Principles: Cross-Site Scripting and Cross-Site Request Forgery
Chapter 7. Database Security Principles
Chapter 8. File Security Principles
Part III: Secure Development and Deployment
Chapter 9. Secure Development Methodologies
Epilogue: The Wizard, the Giant, and the Magic Fruit Trees: A Happy Ending
Index
作者簡介
Vincent Liu, CISSP, is a managing partner at Stach & Liu. He previously led the Attack & Penetration and Reverse Engineering teams for Honeywell''s Global Security group and was an analyst at the National Security Agency. Vincent speaks at industry conferences, including Black Hat, ToorCon, and Microsoft''s BlueHat. He is a co-author of Hacking Exposed Web Applications, Third Edition and Hacking Exposed Wireless, Second Edition. Bryan Sullivan, Senior Security Researcher at Adobe Systems, was previously Security Program Manager at Microsoft and a development manager at HP, where he helped to design HP''s vulnerability scanning tools WebInspect and DevInspect. Bryan speaks at industry conferences such as Black Hat, RSA, BlueHat and TechEd.
您曾經瀏覽過的商品
購物須知
外文書商品之書封,為出版社提供之樣本。實際出貨商品,以出版社所提供之現有版本為主。部份書籍,因出版社供應狀況特殊,匯率將依實際狀況做調整。
無庫存之商品,在您完成訂單程序之後,將以空運的方式為你下單調貨。為了縮短等待的時間,建議您將外文書與其他商品分開下單,以獲得最快的取貨速度,平均調貨時間為1~2個月。
為了保護您的權益,「三民網路書店」提供會員七日商品鑑賞期(收到商品為起始日)。
若要辦理退貨,請在商品鑑賞期內寄回,且商品必須是全新狀態與完整包裝(商品、附件、發票、隨貨贈品等)否則恕不接受退貨。