Secure Programming with Static Analysis (Addison-Wesley Software Security Series)

The First Expert Guide to Static Analysis for Software Security!

 

Creating secure code requires more than just good intentions. Programmers need to know that their code will be safe in an almost infinite number of scenarios and configurations. Static source code analysis gives users the ability to review their work with a fine-toothed comb and uncover the kinds of errors that lead directly to security vulnerabilities. Now, there’s a complete guide to static analysis: how it works, how to integrate it into the software development processes, and how to make the most of it during security code review. Static analysis experts Brian Chess and Jacob West look at the most common types of security defects that occur today. They illustrate main points using Java and C code examples taken from real-world security incidents, showing how coding errors are exploited, how they could have been prevented, and how static analysis can rapidly uncover similar mistakes. This book is for everyone concerned with building more secure software: developers, security engineers, analysts, and testers.

 

About the Author


Brian Chess is a founder of Fortify Software. He currently serves as Fortify’s Chief Scientist, where his work focuses on practical methods for creating secure systems. Brian holds a Ph.D. in Computer Engineering from the University of California at Santa Cruz, where he studied the application of static analysis to the problem of finding security-relevant defects in source code. Before settling on security, Brian spent a decade in Silicon Valley working at huge companies and small startups. He has done research on a broad set of topics, ranging from integrated circuit design all the way to delivering software as a service. He lives in Mountain View, California.

 

Jacob West manages Fortify Software’s Security Research Group, which is responsible for building security knowledge into Fortify’s products. Jacob brings expertise in numerous programming languages, frameworks, and styles together with knowledge about how real-world systems can fail. Before joining Fortify, Jacob worked with Professor David Wagner at the University of California at Berkeley to develop MOPS (MOdel Checking Programs for Security properties), a static analysis tool used to discover security vulnerabilities in C programs. When he is away from the keyboard, Jacob spends time speaking at conferences and working with customers to advance their understanding of software security. He lives in San Francisco, California.


Arduino Workshop: A Hands-On Introduction with 65 Projects

Learn the Basics, Build the Projects, Create Your Own
 

The Arduino is a cheap, flexible, open source microcontroller platform designed to make it easy for hobbyists to use electronics in homemade projects. With an almost unlimited range of input and output add-ons, sensors, indicators, displays,...

Definitive MPLS Network Designs

The only design guide covering key MPLS technologies: MPLS VPNs, Pseudowires, QoS, Traffic Engineering, network recovery, IPv6, multicast

  • The definitive design guide for key MPLS technologies

  • Benefit from the authors' vast experience in...

Mac OS X and iOS Internals: To the Apple's Core (Wrox Programmer to Programmer)
EVEN MORE THAN TEN YEARS AFTER ITS INCEPTION, there is a dearth of books discussing the architecture of OS X, and virtually none about iOS. While there is plentiful documentation on Objective-C, the frameworks, and Cocoa APIs of OS X, it often stops short of the system-call level and implementation specifics. There is some...

Black Hole Physics - Basic Concepts and New Developments (Fundamental Theories of Physics)
It is not an exaggeration to say that one of the most exciting predictions of Einstein's theory of gravitation is that there may exist "black holes": putative objects whose gravitational fields are so strong that no physical bodies or signals can break free of their pull and escape. The proof that black holes do exist, and an analysis of...
Pancreas - Pathological Practice and Research

The pancreas is an unobtrusive organ, and the prospects and possibilities of solving the physiological and pathological nature of its behavior are numerous. When conducting a pathological study or an investigation of the pancreas, it is important to consider its anatomical and embryological basis as well as the occurrence of age-related...

Japanese Outbound Acquisitions: Explaining What Works

This book reviews the past 116 Japanese outbound acquisitions in three decades and determines success and failure, with the goal of explaining what works. Dr. Matsumoto emphasizes that such acquisitions are part of a long-term strategy and should not be judged based on short-term gains and losses, especially short-term changes in...

©2020 LearnIT (support@pdfchm.net) - Privacy Policy