Innocent Code: A Security Wake-up Call for Web Programmers

This book is much more than a wake-up call. It
is also an eye-opener. Even for those who are already awake to the
problems of Web server security, it is a serious guide for what to
do and what not to do, with many well-chosen examples. The set of
fundamental rules is highly relevant.
-- Peter G. Neumann, Author of Computer-Related Risks, and moderator of the Internet Risks Forum (risks.org).

This book is a serious must have for all
developers who are building web sites. I know you will enjoy it
as much as I did.
-- From the foreword by Mark Curphey, founder of OWASP.

If it doesn't scare the hell out of you then you're
either very good or very stupid. [...] Ought to be required
reading for all web developers.
-- From a review by TechBookReport

In short, if you are a server side web developer
then you simply must read this book. If you are a web techie
then you will love this book - I did.
-- From a review by Andrew Blyth in Infosecurity Today

Finally, an entertaining programmer's book on
security! Innocent Code will show you how common
programming errors make a web site open to attacks, even with both
firewalls and encryption in place. You, the programmer, play a
major role when it comes to the security of a web site. With lots
of real-life examples, this book will show you why.
Feel free to take a look at an excerpt from the Introduction chapter or
the Summary of rules chapter if
you want to know more about the motivation behind this book.

Sverre H. Huseby