Product description
Most security books on Java focus on cryptography and access control, but exclude key aspects such as coding practices, logging, and web application risk assessment. Encapsulating security requirements for web development with the Java programming platform, Secure Java: For Web Application Development covers secure programming, risk assessment, and threat modeling—explaining how to integrate these practices into a secure software development life cycle.
From the risk assessment phase to the proof of concept phase, the book details a secure web application development process. The authors provide in-depth implementation guidance and best practices for access control, cryptography, logging, secure coding, and authentication and authorization in web application development. Discussing the latest application exploits and vulnerabilities, they examine various options and protection mechanisms for securing web applications against these multifarious threats. The book is organized into four sections:
- Provides a clear view of the growing footprint of web applications
- Explores the foundations of secure web application development and the risk management process
- Delves into tactical web application security development with Java EE
- Deals extensively with security testing of web applications
This complete reference includes a case study of an e-commerce company facing web application security challenges, as well as specific techniques for testing the security of web applications. Highlighting state-of-the-art tools for web application security testing, it supplies valuable insight on how to meet important security compliance requirements, including PCI-DSS, PA-DSS, HIPAA, and GLBA. The book also includes an appendix that covers the application security guidelines for the payment card industry standards.