24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them Paperback

ISBN-13: 978-0071626750 ISBN-10: 0071626751 Edition: 1st

Product Details

  • Paperback: 432 pages
  • Publisher: McGraw-Hill Osborne Media; 1 edition (September 3, 2009)
  • Language: English
  • ISBN-10: 0071626751
  • ISBN-13: 978-0071626750
  • Product Dimensions: 9.2 x 7.3 x 0.9 inches
  • Shipping Weight: 1.6 pounds
  • Average Customer Review: 4.4 out of 5 stars (7 customer reviews)
  • Amazon Best Sellers Rank: #140,751 in Books

Editorial Reviews

About the Author

Michael Howard is a principal security program manager on the Trustworthy Computing Group’s Security Engineering team at Microsoft. He is the author or coauthor of many well-known software security books and is an editor of IEEE Security & Privacy.

David LeBlanc, Ph.D., is a principal software development engineer on the Microsoft Office security team. He is a coauthor, with Michael Howard, of Writing Secure Code (Microsoft Press).

John Viega is CTO of the SaaS Business Unit at McAfee and was previously their chief security architect. He is the author of five other security books. Mr. Viega first defined the 19 deadly sins of software security for the Department of Homeland Security.


Customer Reviews

4.4 out of 5 stars

Most Helpful Customer Reviews

6 of 7 people found the following review helpful By Mike on August 9, 2010
Format: Paperback Verified Purchase
24 Deadly Sins carries on in the great tradition of the original 19 Deadly Sins but has expanded to cover problems that have developed since then as well as added coverage for more programming languages. It serves as a great introduction to the most common problems in software development that lead to security issues without getting bogged down in the weeds on any of them. It does not go into a great deal of detail, so if that is what you are looking for this isn't the book you want, but it does do what it sets out to do.

The organization of the book lends itself to a straight read through and as a jump around reference to cover the problems you need to look at when you need to look at them. Most chapters stand alone quite well and most references to other chapters are about closely related sins. It describes the basics of the problem, goes into more detail and helps you try to spot the problem in various languages. It covers some of the ways you can avoid the problems and provides additional remediation if available.

The book lends itself to being a decent textbook on software security problems and its basic structure is not a bad approach to an introduction to the topic. I've been teaching an introduction to secure development class for a couple of years that was mostly based on the original book and I'm finishing updating that to the new 24 Deadly Sins breakdown.
1 of 1 people found the following review helpful By Codemonkey on November 12, 2013
Format: Paperback Verified Purchase
Originally stumbled across a copy of 19 Deadly Sins in a half price bookstore and found myself thoroughly engrossed. When I discovered there was a second edition with even more information, I was all over it.

Software Security is a topic that all too often gets overlooked in the development process. That does a disservice to the client, the product, the developer and the company and not just for the obvious reasons. You see, the same thought processes and practices which are required to build secure software also result in cleaner, less buggy, higher quality code. Wins all round.

This book covers multiple common types of security vulnerability, explaining what, why and how and giving examples of the problems and ways to mitigate / avoid them in multiple languages. More importantly, it gets you thinking about these important issues and about the quality of your code in general.

The book can be read cover to cover or you can cherry-pick the section(s) that are relevant (or which simply catch your interest) at any given time. Personally I prefer the latter as I absorb information better when I am particularly interested in the topic at hand.

This book has something for every software engineer, no matter what you work on. Highly recommended food for thought. :)
1 of 1 people found the following review helpful By Jose A. Villegas on December 24, 2012
Format: Paperback Verified Purchase
The authors definitely know about software vulnerabilities due mostly to mistakes made during software development and coding processes. Their recommendations are very effective and I am very satisfied with my purchase.
1 of 1 people found the following review helpful By W. Conklin on December 6, 2011
Format: Paperback Verified Purchase
This book is the update to the 19 Deadly Sins, and does a tremendous job summarizing the information needed to understand the types of errors prevalent in software today. This is not a book with all the details behind the causes, fixes, etc. For those details, I would refer my students (and do) to Michael's other great book "Writing Secure Code, Second Edition". And for process-related material, "The Security Development Lifecycle".

Howard is the real deal, a straight shooter and known for telling it like it is. This book is no different - no fluff, no extraneous material, just the stuff every project manager of a software development effort should know, so they know what to ask of their team.