CITATION

Sullivan, Bryan and Liu, Vincent. Web Application Security, A Beginner's Guide. US: McGraw-Hill Osborne Media, 2011.

Web Application Security, A Beginner's Guide

Published: November 2011

eISBN: 9780071776127 0071776125 | ISBN: 9780071776165

Book description:

Security Smarts for the Self-Guided IT Professional

“Get to know the hackers—or plan on getting hacked. Sullivan and Liu have created a savvy, essentials-based approach to web app security packed with immediately applicable tools for any information security practitioner sharpening his or her tools or just starting out.” —Ryan McGeehan, Security Manager, Facebook, Inc.

Secure web applications from today's most devious hackers. Web Application Security: A Beginner's Guide helps you stock your security toolkit, prevent common hacks, and defend quickly against malicious attacks.

This practical resource includes chapters on authentication, authorization, and session management, along with browser, database, and file security--all supported by true stories from industry. You'll also get best practices for vulnerability detection and secure development, as well as a chapter that covers essential security fundamentals. This book's templates, checklists, and examples are designed to help you get started right away.

Web Application Security: A Beginner's Guide features:

  • Lingo--Common security terms defined so that you're in the know on the job

  • IMHO--Frank and relevant opinions based on the authors' years of industry experience

  • Budget Note--Tips for getting security technologies and processes into your organization's budget

  • In Actual Practice--Exceptions to the rules of security explained in real-world contexts

  • Your Plan--Customizable checklists you can use on the job now

  • Into Action--Tips on how, why, and when to apply new skills and techniques at work

Bryan Sullivan is a senior security researcher at Adobe Systems, where he focuses on web and cloud security issues. He was previously a security program manager on the Microsoft Security Development Lifecycle team and a development manager at HP, where he helped to design HP's vulnerability scanning tools, Webinspect and Devinspect.

Vincent Liu, CISSP, is a managing partner at Stach & Liu. He previously led the Attack & Penetration and Reverse Engineering teams for Honeywell's Global Security group and was an analyst at the National Security Agency. Vincent is a coauthor of Hacking Exposed: Web Applications, Third Edition and Hacking Exposed Wireless, Second Edition.
