* Covers security basics and guides reader through the process of testing a Web site.
* Explains how to analyze results and design specialized follow-up tests that focus on potential security gaps.
* Teaches the process of discovery, scanning, analyzing, verifying results of specialized tests, and fixing vulnerabilities.

Table of Contents

Acknowledgments.

Foreword.

Preface.

Part One An Introduction to the Book.

Chapter 1 Introduction.  

Chapter 2 Test Planning.

Chapter 3 Network Security.

Chapter 4 System Software Security.

Chapter 5 Client-Side Application Security.  

Chapter 6 Server-Side Application Security.

Chapter 7 Sneak Attacks: Guarding against the Less-Thought-of Security Threats.

Chapter 8 Intruder Confusion, Detection, and Response.

Chapter 9 Assessment and Penetration Options.

Chapter 10 Risk Analysis.

Appendix A An Overview of Network Protocols, Addresses, and Devices.

Appendix B SANS Institute Top 20 Critical Internet Security Vulnerabilities.

Appendix C Test-Deliverable Templates.