Testing Code Security - Maura A. van der Linden

Testing Code Security

Buch | Softcover
328 Seiten
2019
CRC Press (Verlag)
978-0-367-38901-7 (ISBN)
69,95 inkl. MwSt
The huge proliferation of security vulnerability exploits, worms, and viruses place an incredible drain on both cost and confidence for manufacturers and consumers. The release of trustworthy code requires a specific set of skills and techniques, but this information is often dispersed and decentralized, encrypted in its own jargon and terminology, and can take a colossal amount of time and data mining to find.

Written in simple, common terms, Testing Code Security is a consolidated resource designed to teach beginning and intermediate testers the software security concepts needed to conduct relevant and effective tests. Answering the questions pertinent to all testing procedures, the book considers the differences in process between security testing and functional testing, the creation of a security test plan, the benefits and pitfalls of threat-modeling, and the identification of root vulnerability problems and how to test for them. The book begins with coverage of foundation concepts, the process of security test planning, and the test pass. Offering real life examples, it presents various vulnerabilities and attacks and explains the testing techniques appropriate for each. It concludes with a collection of background overviews on related topics to fill common knowledge gaps. Filled with cases illustrating the most common classes of security vulnerabilities, the book is written for all testers working in any environment, and it gives extra insight to threats particular to Microsoft Windows® platforms.

Providing a practical guide on how to carry out the task of security software testing, Testing Code Security gives the reader the knowledge needed to begin testing software security for any project and become an integral part in the drive to produce better software security and safety.

van der Linden, Maura A.

Introduction, Security Vocabulary, Software Testing and Changes in the Security Landscape, All Trust Is Misplaced, Security Testing Considerations, Threat Modeling and Risk Assessment Processes, Personas and Testing, Security Test Planning, Sample Security Considerations, Vulnerability Case Study - Brute Force Browsing, Vulnerability Case Study - Buffer Overruns, Vulnerability Case Study - Cookie Tampering, Vulnerability Case Study: Cross-Site Scripting (XSS), Vulnerability Case Study: Denial of Service/Distributed Denial of Service, Vulnerability Case Study: Format String Vulnerabilities, Vulnerability Case Study: Integer Overflows and Underflows, Vulnerability Case Study: Man-in-the-Middle Attacks, Vulnerability Case Study - Password Cracking, Vulnerability Case Study - Session Hijacking, Vulnerability Case Study - Spoofing Attacks, Vulnerability Case Study - SQL Injection, Fuzz Testing, Background - Cryptography, Background - Firewalls, Background - OSI Network Model, Background - Proxy Servers, Background - TCP/IP and Other Networking Protocols, Background - Test Case Outlining (TCO), Additional Sources of Information, Index

Erscheinungsdatum
Verlagsort London
Sprache englisch
Maße 156 x 234 mm
Gewicht 1050 g
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Mathematik / Informatik Informatik Programmiersprachen / -werkzeuge
Mathematik / Informatik Informatik Software Entwicklung
Mathematik / Informatik Informatik Theorie / Studium
Recht / Steuern Privatrecht / Bürgerliches Recht IT-Recht
ISBN-10 0-367-38901-0 / 0367389010
ISBN-13 978-0-367-38901-7 / 9780367389017
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
34,99
Management der Informationssicherheit und Vorbereitung auf die …

von Michael Brenner; Nils gentschen Felde; Wolfgang Hommel

Buch (2024)
Carl Hanser (Verlag)
69,99

von Chaos Computer Club

Buch | Softcover (2024)
KATAPULT Verlag
28,00