Programmer's Ultimate Security DeskRef: Your Programming Security Encyclopedia

Elsevier, Nov 20, 2004 - Computers - 700 pages
The Programmer's Ultimate Security DeskRef is the only complete desk reference covering multiple languages and their inherent security issues. It will serve as the programming encyclopedia for almost every major language in use.

While many books are starting to address the broad subject of security best practices within the software development lifecycle, none has yet addressed the overarching technical problems of incorrect function usage. Most books fail to draw the line from best-practice security principles to actual code implementation. This book bridges that gap and covers the most popular programming languages such as Java, Perl, C++, C#, and Visual Basic.

* Defines the programming flaws within the top 15 programming languages.

* Comprehensive approach means you only need this book to ensure an application's overall security.

* One book geared toward many languages.
 


Contents

ASP 1
C 23
C++ 197
C 263
ColdFusion 269
JavaScript 335
JScript 377
LISP 407
Perl 447
PHP 469
Python 499
VBA 539
VBScript 575
Related Titles 589
Copyright

Popular passages

Page vii - With his core competencies residing in high-tech remote management, international expansion, application security, protocol analysis, and search algorithm technology, Foster has conducted numerous code reviews for commercial OS components, Win32 application assessments, and reviews on commercial-grade cryptography implementations. Foster is a seasoned speaker and has presented throughout North America at conferences, technology forums, security summits, and research symposiums with highlights at the...
Page vii - CSC, Foster was the Director of Research and Development for Foundstone Inc. (acquired by McAfee) and was responsible for all aspects of product, consulting, and corporate R&D initiatives. Prior to joining Foundstone, Foster was an Executive Advisor and Research Scientist with Guardent Inc. (acquired by Verisign) and an adjunct author at Information Security Magazine (acquired by TechTarget), subsequent to working as Security Research Specialist for the Department of Defense.
Page vii - Foster holds degrees and certifications in Business, Software Engineering, Management of Information Systems, and numerous computer-related or programming-related concentrations and has attended or conducted research at the Yale School of Business, Harvard University, Capitol College, and the University of Maryland.
Page vii - InfoSec World 2001, and the Thomson Security Conference. He also is commonly asked to comment on pertinent security issues and has been cited in USAToday, Information Security Magazine, Baseline, Computer World, Secure Computing, and the MIT Technologist. Foster holds an AS, BS, MBA and numerous technology and management certifications and has attended or conducted research at the Yale School of Business, Harvard University, the University of Maryland, and is currently a Fellow at University of Pennsylvania's...

About the author (2004)

James C. Foster, Fellow, is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation, where he is responsible for the vision and development of physical, personnel, and data security solutions. Preceding CSC, Foster was the Director of Research and Development for Foundstone Inc. and was responsible for all aspects of product, consulting, and corporate R&D initiatives. Prior to joining Foundstone, Foster was an Executive Advisor and Research Scientist with Guardent Inc. and an adjunct author at Information Security Magazine, subsequent to working as Security Research Specialist for the Department of Defense. Foster is also a well-published author with multiple commercial and educational papers, and has authored, contributed, or edited for major publications to include Snort 2.1 Intrusion Detection (Syngress, ISBN: 1-931836-04-3), Hacking Exposed, Fourth Edition, Anti-Hacker Toolkit, Second Edition, Advanced Intrusion Detection, Hacking the Code: ASP.NET Web Application Security (Syngress, ISBN: 1-932266-65-8), Anti-Spam Toolkit, Google Hacking for Penetration Techniques (Syngress, ISBN: 1-931836-36-1), and Sockets, Shellcode, Porting and Coding (Syngress, ISBN: 1-597490-05-9).
