Testing Code Security (Hardcover)

Maura A. van der Linden

  • Publisher: CRC
  • Publication date: 2007-06-07
  • Price: $3,300
  • VIP price: 5% off, $3,135
  • Language: English
  • Pages: 328
  • Binding: Hardcover
  • ISBN: 0849392519
  • ISBN-13: 9780849392511
  • Category: Information Security

Product Description

The huge proliferation of security vulnerability exploits, worms, and viruses places an incredible drain on both cost and confidence for manufacturers and consumers. The release of trustworthy code requires a specific set of skills and techniques, but this information is often dispersed and decentralized, encrypted in its own jargon and terminology, and can take a colossal amount of time and data mining to find.

Written in simple, common terms, Testing Code Security is a consolidated resource designed to teach beginning and intermediate testers the software security concepts needed to conduct relevant and effective tests. Answering the questions pertinent to all testing procedures, the book considers the differences in process between security testing and functional testing, the creation of a security test plan, the benefits and pitfalls of threat modeling, and the identification of root vulnerability problems and how to test for them. The book begins with coverage of foundation concepts, the process of security test planning, and the test pass. Offering real-life examples, it presents various vulnerabilities and attacks and explains the testing techniques appropriate for each. It concludes with a collection of background overviews on related topics to fill common knowledge gaps. Filled with cases illustrating the most common classes of security vulnerabilities, the book is written for all testers working in any environment, and it gives extra insight into threats particular to Microsoft Windows® platforms.

Providing a practical guide on how to carry out the task of security software testing, Testing Code Security gives the reader the knowledge needed to begin testing software security for any project and become an integral part of the drive to produce better software security and safety.
