Web Application Security, A Beginner's Guide (Paperback)

Bryan Sullivan, Vincent Liu

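  • Publisher: McGraw-Hill Education
  • Publication date: 2011-11-24
  • List price: $1,550
  • VIP price: $1,473 (95% of list price)
  • Language: English
  • Pages: 352
  • Binding: Paperback
  • ISBN: 0071776168
  • ISBN-13: 9780071776165
  • Related category: Information Security
  • Overseas purchase-on-demand book (must be checked out separately)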



Security Smarts for the Self-Guided IT Professional

Secure web applications from today's most devious hackers. Web Application Security: A Beginner's Guide helps you stock your security toolkit, prevent common hacks, and defend quickly against malicious attacks.

This practical resource includes chapters on authentication, authorization, and session management, along with browser, database, and file security--all supported by true stories from industry. You'll also get best practices for vulnerability detection and secure development, as well as a chapter that covers essential security fundamentals. This book's templates, checklists, and examples are designed to help you get started right away.

Web Application Security: A Beginner's Guide features:

  • Lingo--Common security terms defined so that you're in the know on the job
  • IMHO--Frank and relevant opinions based on the authors' years of industry experience
  • Budget Note--Tips for getting security technologies and processes into your organization's budget
  • In Actual Practice--Exceptions to the rules of security explained in real-world contexts
  • Your Plan--Customizable checklists you can use on the job now
  • Into Action--Tips on how, why, and when to apply new skills and techniques at work

Bryan Sullivan is a senior security researcher at Adobe Systems, where he focuses on web and cloud security issues. He was previously a security program manager on the Microsoft Security Development Lifecycle team and a development manager at HP, where he helped to design HP's vulnerability scanning tools, Webinspect and Devinspect.

Vincent Liu, CISSP, is a managing partner at Stach & Liu. He previously led the Attack & Penetration and Reverse Engineering teams for Honeywell's Global Security group and was an analyst at the National Security Agency. Vincent is a coauthor of Hacking Exposed: Web Applications, Third Edition and Hacking Exposed Wireless, Second Edition.

