The Manager's Guide to Web Application Security - Ron Lepofsky

The Manager's Guide to Web Application Security

A Concise Guide to the Weaker Side of the Web

(Autor)

Buch | Softcover
232 Seiten
2014 | 1st ed.
Apress (Verlag)
978-1-4842-0149-7 (ISBN)
106,99 inkl. MwSt
The Manager's Guide to Web Application Security is a concise, information-packed guide to application security risks every organization faces, written in plain language, with guidance on how to deal with those issues quickly and effectively. Often, security vulnerabilities are difficult to understand and quantify because they are the result of intricate programming deficiencies and highly technical issues. Author and noted industry expert Ron Lepofsky breaks down the technical barrier and identifies many real-world examples of security vulnerabilities commonly found by IT security auditors, translates them into business risks with identifiable consequences, and provides practical guidance about mitigating them.

The Manager's Guide to Web Application Security describes how to fix and prevent these vulnerabilities in easy-to-understand discussions of vulnerability classes and their remediation. For easy reference, the information is also presented schematically in Excel spreadsheets available to readers for free download from the publisher’s digital annex. The book is current, concise, and to the point—which is to help managers cut through the technical jargon and make the business decisions required to find, fix, and prevent serious vulnerabilities.

Ron Lepofsky is the president of ERE Information Security Auditors, which he founded in 2000. He holds the CISSP and CISM security certifications and a degree in mechanical engineering from the University of Toronto. He has extensive experience managing the web application security audit process, advising senior management on remediating security weaknesses, and translating the technical findings of his auditor teams into actionable terms for management.

1. Understanding IT Security Risks 2. Types of Web Application Security Testing 3. Web Application Vulnerabilities and the Damage They Can Cause 4. Web Application Vulnerabilities and Countermeasures 5. How to Build Preventative Countermeasures for Web Application Vulnerabilities 6. How to Manage Security on Applications Written by Third Parties 7. Integrating Compliance with Web Application Security 8. How to Create a Business Case Cost for Web Application Security 9. Parting Thoughts A. COBIT 5 for Information Security B. Experian EI3PA Security Audit C. ISO/IEC 17799:2005 and the ISO/IEC 27000:2014 Series D. North American Energy Council Security Standard for Critical Infrastructure Protection (NERC CIP) E. NIST 800 Guidelines F. Payment Card Industry (PCI) Data Security Standard G. Sarbanes-Oxley Security Compliance Requirements H. Sources of Information

Erscheint lt. Verlag 19.12.2014
Zusatzinfo 11 Illustrations, black and white; XX, 232 p. 11 illus.
Verlagsort Berkley
Sprache englisch
Maße 178 x 254 mm
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Informatik Theorie / Studium Kryptologie
Informatik Theorie / Studium Künstliche Intelligenz / Robotik
Mathematik / Informatik Informatik Web / Internet
Schlagworte Internet-Security • Web Apps
ISBN-10 1-4842-0149-3 / 1484201493
ISBN-13 978-1-4842-0149-7 / 9781484201497
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
34,99
Management der Informationssicherheit und Vorbereitung auf die …

von Michael Brenner; Nils gentschen Felde; Wolfgang Hommel

Buch (2024)
Carl Hanser (Verlag)
69,99

von Chaos Computer Club

Buch | Softcover (2024)
KATAPULT Verlag
28,00