Building Secure Software: How to Avoid Security Problems the Right Way (Paperback)

John Viega, Gary McGraw

Product Description

Most organizations have a firewall, antivirus software, and intrusion detection systems, all of which are intended to keep attackers out. So why is computer security a bigger problem today than ever before? The answer is simple--bad software lies at the heart of all computer security problems. Traditional solutions simply treat the symptoms, not the problem, and usually do so in a reactive way. This book teaches you how to take a proactive approach to computer security.

Building Secure Software cuts to the heart of computer security to help you get security right the first time. If you are serious about computer security, you need to read this book, which includes essential lessons for both security professionals who have come to realize that software is the problem, and software developers who intend to make their code behave. Written for anyone involved in software development and use—from managers to coders—this book is your first step toward building more secure software. Building Secure Software provides expert perspectives and techniques to help you ensure the security of essential software. If you consider threats and vulnerabilities early in the development cycle, you can build security into your system. With this book you will learn how to determine an acceptable level of risk, develop security tests, and plug security holes before software is even shipped.

Inside you'll find the ten guiding principles for software security, as well as detailed coverage of:

  • Software risk management for security
  • Selecting technologies to make your code more secure
  • Security implications of open source and proprietary software
  • How to audit software
  • The dreaded buffer overflow
  • Access control and password authentication
  • Random number generation
  • Applying cryptography
  • Trust management and input
  • Client-side security
  • Dealing with firewalls

Only by building secure software can you defend yourself against security breaches and gain the confidence that comes with knowing you won't have to play the "penetrate and patch" game anymore. Get it right the first time. Let these expert authors show you how to properly design your system; save time, money, and credibility; and preserve your customers' trust.
