Writing secure code

Front Cover
Microsoft Press, 2003 - Computers - 768 pages
6 Reviews
Keep black-hat hackers at bay with the tips and techniques in this entertaining, eye-opening book! Developers will learn how to padlock their applications throughout the entire development process—from designing secure applications to writing robust code that can withstand repeated attacks to testing applications for security flaws. Easily digested chapters reveal proven principles, strategies, and coding techniques. The authors—two battle-scarred veterans who have solved some of the industry’s toughest security problems—provide sample code in several languages. This edition includes updated information about threat modeling, designing a security process, international issues, file-system issues, adding privacy to applications, and performing security code reviews. It also includes enhanced coverage of buffer overruns, Microsoft® .NET security, and Microsoft ActiveX® development, plus practical checklists for developers, testers, and program managers.

From inside the book

What people are saying - Write a review

User ratings

5 stars
2
4 stars
2
3 stars
2
2 stars
0
1 star
0

Review: Writing Secure Code

User Review  - Vipul Pathak - Goodreads

Teaches you about secure coding practices. A must read for every programmer ... Read full review

Review: Writing Secure Code

User Review  - Ibrahim Magdy - Goodreads

This book is good for coding (c++) securely but mainly under windows Read full review

Contents

Contemporary Security 1 The Need for Secure Systems
3
The Proactive Security Development Process
23
Security Principles to Live By
51
Copyright

33 other sections not shown

Common terms and phrases

References to this book

All Book Search results »

About the author (2003)

Howard is Senior Security Program manager and a founding member of the Secure Windows Initiative team at Microsoft.

LeBlanc works in Microsoft's Security Strategies team helping make Microsoft profucts and operations more secure and has been part of Microsoft's internal network security gropu as a tools developer.