Fai clic su di un'immagine per andare a Google Ricerca Libri.
Sto caricando le informazioni... Web Security for Developers: Real Threats, Practical Defensedi Malcolm McDonald
Nessuno Sto caricando le informazioni...
Iscriviti per consentire a LibraryThing di scoprire se ti piacerà questo libro. Attualmente non vi sono conversazioni su questo libro. This is a good beginner's level book for someone interested in learning more about IT security. ( ) Much has been and continues to be written on the topic of computer security, but a lot of that content is directed towards computer security professionals. Few resources exist that are written for software developers, by developers. In this work, McDonald seeks to answer the need for a comprehensive exposition on this topic. In this attempt, he succeeds in providing a clear and thorough introduction of what developers need to know about security. The biggest advantage of this book is that it collects all a developer needs to know in one space. McDonald’s treatment does not go in too much detail for the audience, as in many security books. Instead, as the book’s subtitle suggests, it pragmatically focuses on how security principles apply to the art and science of programming. This work is written for a general audience of programmers and not focused on one specific language. The author appears to be a Ruby developer as many of the examples are written in that language. However, knowledge of Ruby is not required to appreciate and learn from this book. Indeed, the vast majority of this book is pertinent to any language on any platform. Despite these strengths, McDonald’s book exhibits some weakness as it contains very little cutting-edge material. It would have been nice to include towards the end a chapter or two on emerging concepts. Because of this, people who stay engaged with the state-of-the-art might find the book redundant and not worth their time. Web Security for Developers is geared mainly for web developers who are in early-to-mid career. Despite the introduction’s claim that experienced programmers will fill in a few knowledge gaps, in truth, experienced programmers will find little new here. Nonetheless, this work fills a needed gap in the literature for all that programmers need to know about computer security concepts. This solid work should be relevant for years to come. nessuna recensione | aggiungi una recensione
The world has changed. Today, every time you make a site live, you’re opening it up to attack. A first-time developer can easily be discouraged by the difficulties involved with properly securing a website. But have hope: an army of security researchers is out there discovering, documenting, and fixing security flaws. Thankfully, the tools you’ll need to secure your site are freely available and generally easy to use. Web Security for Developers will teach you how your websites are vulnerable to attack and how to protect them. Each chapter breaks down a major security vulnerability and explores a real-world attack, coupled with plenty of code to show you both the vulnerability and the fix. You’ll learn how to: •Protect against SQL injection attacks, malicious JavaScript, and cross-site request forgery •Add authentication and shape access control to protect accounts •Lock down user accounts to prevent attacks that rely on guessing passwords, stealing sessions, or escalating privileges •Implement encryption •Manage vulnerabilities in legacy code •Prevent information leaks that disclose vulnerabilities •Mitigate advanced attacks like malvertising and denial-of-service As you get stronger at identifying and fixing vulnerabilities, you’ll learn to deploy disciplined, secure code and become a better programmer along the way. Non sono state trovate descrizioni di biblioteche |
Discussioni correntiNessuno
Google Books — Sto caricando le informazioni... GeneriSistema Decimale Melvil (DDC)005.8Information Computer Science; Knowledge and Systems Computer programming, programs, data, security Computer SecurityClassificazione LCVotoMedia:
Sei tu?Diventa un autore di LibraryThing. |