Secure Programming with Static Analysis (Addison-Wesley Software Security Series)

The First Expert Guide to Static Analysis for Software Security!

 

Creating secure code requires more than just good intentions. Programmers need to know that their code will be safe in an almost infinite number of scenarios and configurations. Static source code analysis gives users the ability to review their work with a fine-toothed comb and uncover the kinds of errors that lead directly to security vulnerabilities. Now, there’s a complete guide to static analysis: how it works, how to integrate it into the software development processes, and how to make the most of it during security code review. Static analysis experts Brian Chess and Jacob West look at the most common types of security defects that occur today. They illustrate main points using Java and C code examples taken from real-world security incidents, showing how coding errors are exploited, how they could have been prevented, and how static analysis can rapidly uncover similar mistakes. This book is for everyone concerned with building more secure software: developers, security engineers, analysts, and testers.

 

About the Author


Brian Chess is a founder of Fortify Software. He currently serves as Fortify’s Chief Scientist, where his work focuses on practical methods for creating secure systems. Brian holds a Ph.D. in Computer Engineering from the University of California at Santa Cruz, where he studied the application of static analysis to the problem of finding security-relevant defects in source code. Before settling on security, Brian spent a decade in Silicon Valley working at huge companies and small startups. He has done research on a broad set of topics, ranging from integrated circuit design all the way to delivering software as a service. He lives in Mountain View, California.

 

Jacob West manages Fortify Software’s Security Research Group, which is responsible for building security knowledge into Fortify’s products. Jacob brings expertise in numerous programming languages, frameworks, and styles together with knowledge about how real-world systems can fail. Before joining Fortify, Jacob worked with Professor David Wagner at the University of California at Berkeley to develop MOPS (MOdel Checking Programs for Security properties), a static analysis tool used to discover security vulnerabilities in C programs. When he is away from the keyboard, Jacob spends time speaking at conferences and working with customers to advance their understanding of software security. He lives in San Francisco, California.


