Home | Amazing | Today | Tags | Publishers | Years | Account | Search 
The Manager's Guide to Web Application Security: A Concise Guide to the Weaker Side of the Web

Buy

The Manager's Guide to Web Application Security is a concise, information-packed guide to application security risks every organization faces, written in plain language, with guidance on how to deal with those issues quickly and effectively. Often, security vulnerabilities are difficult to understand and quantify because they are the result of intricate programming deficiencies and highly technical issues. Author and noted industry expert Ron Lepofsky breaks down the technical barrier and identifies many real-world examples of security vulnerabilities commonly found by IT security auditors, translates them into business risks with identifiable consequences, and provides practical guidance about mitigating them.

The Manager's Guide to Web Application Security describes how to fix and prevent these vulnerabilities in easy-to-understand discussions of vulnerability classes and their remediation. For easy reference, the information is also presented schematically in Excel spreadsheets available to readers for free download from the publisher’s digital annex. The book is current, concise, and to the point—which is to help managers cut through the technical jargon and make the business decisions required to find, fix, and prevent serious vulnerabilities.

What you’ll learn

  • Executives: Quickly comprehend what the application security team is saying in terms of risk and remediation
  • Security experts: Understand how to express threats in terms of business risk to executives
  • Details about currently relevant vulnerabilities, by vulnerability class and risk level
  • Decision criteria for what type of security audit is required for your environment
  • Downloadable information tables, examples, and reusable forms
  • Information about standards compliance, including appendices that detail relevant standards, such as COBIT5 IT Security, Experian EI3PA Security Audit Standard, and PCI DSS

Who this book is for

The Manager's Guide to Web Application Security is written for senior executives who have to make business decisions about managing the risk of web applications.

Table of Contents

1. Understanding IT Security Risks

2. Types of Web Application Security Testing

3. Web Application Vulnerabilities and the Damage They Can Cause

4. Web Application Vulnerabilities and Countermeasures

5. How to Build Preventative Countermeasures for Web Application Vulnerabilities

6. How to Manage Security on Applications Written by Third Parties

7. Integrating Compliance with Web Application Security

8. How to Create a Business Case Cost for Web Application Security

9. Parting Thoughts

A. COBIT 5 for Information Security

B. Experian EI3PA Security Audit

C. ISO/IEC 17799:2005 and the ISO/IEC 27000:2014 Series

D. North American Energy Council Security Standard for Critical Infrastructure Protection (NERC CIP)

E. NIST 800 Guidelines

F. Payment Card Industry (PCI) Data Security Standard

G. Sarbanes-Oxley Security Compliance Requirements

H. Sources of Information

(HTML tags aren't allowed.)

Head First iPhone and iPad Development: A Learner's Guide to Creating Objective-C Applications for the iPhone and iPad
Head First iPhone and iPad Development: A Learner's Guide to Creating Objective-C Applications for the iPhone and iPad

Let's say you have a killer app idea for iPhone and iPad. Where do you begin? Head First iPhone and iPad Development will help you get your first application up and running in no time. You'll not only learn how to design for Apple's devices, you'll also master the iPhone SDK tools -- including Interface...

Flash Professional CS5 for Windows and Macintosh: Visual QuickStart Guide
Flash Professional CS5 for Windows and Macintosh: Visual QuickStart Guide

Adobe Flash Professional CS5 is the latest version of the enormously popular web design tool. In its original incarnation, Flash gave web designers an efficient way to send artwork and animation over limitedbandwidth connections. Flash’s claim to fame was its ability to deliver vector images over the web, making download times shorter....

The Handbook of Geoscience
The Handbook of Geoscience

Written in an engaging and highly readable style, The Handbook of Geoscience is ideal for students, administrators, legal professionals, non-scientific professionals, and general readers with little or no science background. This handbook is a user-friendly overview of our...


Circuit Analysis II With Matlab Applications
Circuit Analysis II With Matlab Applications

This text is written for use in a second course in circuit analysis. The reader of this book should have the traditional undergraduate knowledge of an introductory circuit analysis material such as Circuit Analysis I with MATLAB® Applications by this author. Another prerequisite would be knowledge of differential equations, and in most...

Front-End Reactive Architectures: Explore the Future of the Front-End using Reactive JavaScript Frameworks and Libraries
Front-End Reactive Architectures: Explore the Future of the Front-End using Reactive JavaScript Frameworks and Libraries

Learn how to use reactive architectures on the front-end. There are many technologies using a reactive approach on the back end, but this book teaches you how the reactive manifesto can be used to benefit your front-end programming as well.

You will discover what reactive programming is, what the current front-end...

Network Innovation through OpenFlow and SDN: Principles and Design
Network Innovation through OpenFlow and SDN: Principles and Design

Software-defined networking (SDN) technologies powered by the OpenFlow protocol provide viable options to address the bandwidth needs of next-generation computer networks. And, since many large corporations already produce network devices that support the OpenFlow standard, there are opportunities for those who can manage complex and...

©2021 LearnIT (support@pdfchm.net) - Privacy Policy