The Manager's Guide to Web Application Security - Ron Lepofsky

The Manager's Guide to Web Application Security (eBook)

A Concise Guide to the Weaker Side of the Web

(Author)

eBook Download: PDF
2014 | 1st ed.
XX, 232 pages
Apress (Publisher)
978-1-4842-0148-0 (ISBN)
99,99 incl. VAT

The Manager's Guide to Web Application Security is a concise, information-packed guide to application security risks every organization faces, written in plain language, with guidance on how to deal with those issues quickly and effectively. Often, security vulnerabilities are difficult to understand and quantify because they are the result of intricate programming deficiencies and highly technical issues. Author and noted industry expert Ron Lepofsky breaks down the technical barrier and identifies many real-world examples of security vulnerabilities commonly found by IT security auditors, translates them into business risks with identifiable consequences, and provides practical guidance about mitigating them.

The Manager's Guide to Web Application Security describes how to fix and prevent these vulnerabilities in easy-to-understand discussions of vulnerability classes and their remediation. For easy reference, the information is also presented schematically in Excel spreadsheets available to readers for free download from the publisher’s digital annex. The book is current, concise, and to the point—which is to help managers cut through the technical jargon and make the business decisions required to find, fix, and prevent serious vulnerabilities.



Ron Lepofsky is the president of ERE Information Security Auditors, which he founded in 2000. He holds the CISSP and CISM security certifications and a degree in mechanical engineering from the University of Toronto. He has extensive experience managing the web application security audit process, advising senior management on remediating security weaknesses, and translating the technical findings of his auditor teams into actionable terms for management.

1. Understanding IT Security Risks
2. Types of Web Application Security Testing
3. Web Application Vulnerabilities and the Damage They Can Cause
4. Web Application Vulnerabilities and Countermeasures
5. How to Build Preventative Countermeasures for Web Application Vulnerabilities
6. How to Manage Security on Applications Written by Third Parties
7. Integrating Compliance with Web Application Security
8. How to Create a Business Case Cost for Web Application Security
9. Parting Thoughts
A. COBIT 5 for Information Security
B. Experian EI3PA Security Audit
C. ISO/IEC 17799:2005 and the ISO/IEC 27000:2014 Series
D. North American Energy Council Security Standard for Critical Infrastructure Protection (NERC CIP)
E. NIST 800 Guidelines
F. Payment Card Industry (PCI) Data Security Standard
G. Sarbanes-Oxley Security Compliance Requirements
H. Sources of Information

Publication date (per publisher) 26.12.2014
Additional info XX, 232 p. 11 illus.
Place of publication Berkeley
Language English
Subject area Computer Science, Theory / Studies, Cryptology
Mathematics / Computer Science, Computer Science, Web / Internet
ISBN-10 1-4842-0148-5 / 1484201485
ISBN-13 978-1-4842-0148-0 / 9781484201480
PDF (watermark)
Size: 1,8 MB

DRM: Digital watermark
This eBook contains a digital watermark and is therefore personalized for you. If the eBook is improperly passed on to third parties, it can be traced back to the source.

File format: PDF (Portable Document Format)
With its fixed page layout, PDF is particularly suited to reference books with columns, tables and figures. A PDF can be displayed on almost all devices, but is of limited suitability for small displays (smartphone, eReader).

System requirements:
PC/Mac: You can read this eBook on a PC or Mac. You need a PDF viewer, e.g. Adobe Reader or Adobe Digital Editions.
eReader: This eBook can be read on (almost) all eBook readers. It is not, however, compatible with the Amazon Kindle.
Smartphone/Tablet: Whether Apple or Android, you can read this eBook. You need a PDF viewer, e.g. the free Adobe Digital Editions app.
