Testing Code Security

1st Edition

By Maura A. van der Linden

Auerbach Publications

328 pages

Paperback: 9780367389017
pub: 2019-10-23
Hardback: 9780849392511
pub: 2007-06-07
eBook (VitalSource) : 9780429186035
pub: 2007-06-07


The huge proliferation of security vulnerability exploits, worms, and viruses places an incredible drain on both cost and confidence for manufacturers and consumers. The release of trustworthy code requires a specific set of skills and techniques, but this information is often dispersed and decentralized, encrypted in its own jargon and terminology,

Table of Contents

Introduction
Security Vocabulary
Software Testing and Changes in the Security Landscape
All Trust Is Misplaced
Security Testing Considerations
Threat Modeling and Risk Assessment Processes
Personas and Testing
Security Test Planning
Sample Security Considerations
Vulnerability Case Study - Brute Force Browsing
Vulnerability Case Study - Buffer Overruns
Vulnerability Case Study - Cookie Tampering
Vulnerability Case Study: Cross-Site Scripting (XSS)
Vulnerability Case Study: Denial of Service/Distributed Denial of Service
Vulnerability Case Study: Format String Vulnerabilities
Vulnerability Case Study: Integer Overflows and Underflows
Vulnerability Case Study: Man-in-the-Middle Attacks
Vulnerability Case Study - Password Cracking
Vulnerability Case Study - Session Hijacking
Vulnerability Case Study - Spoofing Attacks
Vulnerability Case Study - SQL Injection
Fuzz Testing
Background - Cryptography
Background - Firewalls
Background - OSI Network Model
Background - Proxy Servers
Background - TCP/IP and Other Networking Protocols
Background - Test Case Outlining (TCO)
Additional Sources of Information
Index

Subject Categories

BISAC Subject Codes/Headings:
COMPUTERS / Information Technology
COMPUTERS / Programming Languages / General
COMPUTERS / Software Development & Engineering / General
COMPUTERS / Security / General