• Title: Web Application Security Guide
• Author(s) Jan Schejbal
• Publisher: WikiBook (December 12, 2011)
• License(s): CC BY-SA 3.0
• Hardcover/Paperback: N/A
• eBook: HTML
• Language: English
• ISBN-10: N/A
• ISBN-13: N/A
• Share This:  

Book Description

Over 75% of network attacks are targeted at the web application layer. This book provides explicit hacks, tutorials, penetration tests, and step-by-step demonstrations for security professionals and Web application developers to defend their most vulnerable applications.

This book defines Web application security, why it should be addressed earlier in the lifecycle in development and quality assurance, and how it differs from other types of Internet security. Additionally, the book examines the procedures and technologies that are essential to developing, penetration testing and releasing a secure Web application.

Through a review of recent Web application breaches, the book will expose the prolific methods hackers use to execute Web attacks using common vulnerabilities such as SQL Injection, Cross-Site Scripting and Buffer Overflows in the application layer. By taking an in-depth look at the techniques hackers use to exploit Web applications, readers will be better equipped to protect confidential.

• N/A

• Amazon

• Web Programming
• Computer and Information Security

• Web Application Security Guide (Jan Schejbal)
• The Mirror Site (1) - PDF
• The Mirror Site (2) - PDF

• Security of Ubiquitous Computing Systems (Gildas Avoine, et al)

  It is to improve and adapt existent cryptanalysis methodologies and tools to the ubiquitous computing framework that lies along four axes: cryptographic models, cryptanalysis of building blocks, security engineering, and security assessment.

• Security Concepts (Subspacefield)

  This is a book about computer, network, technical, physical, information and cryptographic security, illustrated with interesting and entertaining examples. It is not intended to be an introductory text, although a beginner could gain something from it.

• Rational Cybersecurity for Business (Daniel Blum)

  This open access book presents six priority areas to focus on to maximize the effectiveness of your cybersecurity program: risk management, control baseline, security culture, IT rationalization, access control, and cyber-resilience.

• Security Engineering: Building Dependable Distributed Systems

  It makes it clear just how difficult it is to protect information systems from corruption, eavesdropping, unauthorized use, and general malice, offers a lot of thoughts on how information can be made more secure by both technologies and strategies.

• Web Application Security: Exploitation and Countermeasures

  This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply. It introduces three pillars of web application security: recon, offense, and defense.

• Web Application Security for Dummies (Mike Shema)

  This book is a quick guide to understanding how to make your website secure. It surveys the best steps for establishing a regular program to quickly find vulnerabilities in your site with a web application scanner.

• Web Servers Succinctly (Marc Clifton)

  This book provides great insights on the benefits of building your own web server, and covers different options available for threading, work processes, session management, routing, and security.

• Demystifying Internet of Things Security (Sunil Cheruvu, et al)

  This open access book reviews the threat pyramid, secure boot, chain of trust, and the SW stack leading up to defense-in-depth. It provides clarity to industry professionals and provides and overview of different security solutions.