Web Application Defender's Cookbook: Battling Hackers and Protecting Users 1st Edition

4 out of 5 stars 6 customer reviews
ISBN-13: 978-1118362181
ISBN-10: 1118362187

Editorial Reviews

Review

For those that want to ensure their web sites are as secure as possible, their developers should certainly implement the delicious recipes in Web Application Defender's Cookbook. (RSA Conference, Jan 2013)

From the Back Cover

100+ recipes to improve your defenses

Are your web applications secure? Do you know how to lock down new web applications when they are placed into production? Do you know if attackers are trying to break into your site and steal data or cause other harm? The solutions in this book provide answers to these critical questions and increase your ability to thwart malicious activity within your web applications.

Each recipe includes background data explaining how the attack works, an ingredients list, and step-by-step directions. You'll learn how to prepare for attacks, analyze web transactions for malicious activity, and respond with the best solutions. ModSecurity, a versatile, open source web application firewall module for Apache, Microsoft IIS, and Nginx web server platforms, is used to demonstrate each defensive technique.

Learn to:

  • Implement full HTTP auditing for incident response
  • Utilize virtual patching processes to remediate identified vulnerabilities
  • Deploy web tripwires (honeytraps) to identify malicious users
  • Detect when users are acting abnormally
  • Analyze uploaded files and web content for malware
  • Recognize when web applications leak sensitive user or technical data
  • Respond to attacks with varying levels of force

Product Details

  • Paperback: 552 pages
  • Publisher: Wiley; 1 edition (December 10, 2012)
  • Language: English
  • ISBN-10: 1118362187
  • ISBN-13: 978-1118362181
  • Product Dimensions: 7.4 x 1.2 x 9.3 inches
  • Shipping Weight: 1.8 pounds
  • Average Customer Review: 4.0 out of 5 stars (6 customer reviews)
  • Amazon Best Sellers Rank: #379,868 in Books

Customer Reviews

Top Customer Reviews

Format: Paperback Verified Purchase
The description seemed misleading. This book dedicates its entirety to apache modsecurity. Any and all of the defenses are with modsecurity.

So, 5 stars if you wanted a book on modsecurity. I obviously did not.

The defenses were basic and probably well written out, if you use modsecurity and need help understanding it. I personally have no use for this book and a complete waste of money.

Most of us would think 'web application' as our program we built as a web application. Apache is a webserver. I was hoping for a book that might have extra guidelines or thoughts on adding great things to your web apps to defend them.

This book does none of that for me.

So, if you are not looking for mod security info, do not waste money. Seller should add 'modsecurity' only and possibly rename the book as 'Modsecurity used to defend web apps' or something.

Buyer beware.

To top it off, this book is not 'new'...it has scratches all over the cover. If it is new then it was damaged from shipping...

EDIT: I have contacted Wiley and a rep will be getting back to me about changing this description from 'great techniques AND some modsecurity code' to 'modsecurity techniques only'.

Don't be misled by the small blurb about mod_security...this is all the book is, pure mod_Security.

Personally, if you want to use mod_Security I would highly recommend this book..but if you are looking for this as a companion to the hackers handbooks to beef up your web app security, then you will be completely disappointed and out 30 bucks.
Format: Paperback
While far from scientific, a search of web application security vulnerabilities returns over 2,600,000 results. However you search for it, web applications need to be secured, and insecure web applications are a major problem.

In Web Application Defender's Cookbook: Battling Hackers and Protecting Users, author Ryan Barnett provides a highly technical resource for web application developers. All of the over 100 recipes are valuable tips on how to secure web applications.

In the foreword to the book, Jeremiah Grossman of WhiteHat Security writes that a web defender's success comes down to understanding a few key points. One of those points is that defenders will find themselves responsible for protecting web suites they did not create and have little or no insight into or control over. That and Grossman's other observations highlight the imperative for organizations to ensure that web application security is made an imperative.

Part of the challenge is that today's web sites are becoming more complex, with many interrelated connections, protocols and technologies. While many network infrastructures are a lot more secure, if web applications are not completely locked down, patched and secured, they are simply targets for attackers.

And the challenge is that even if a network is secured, it will still likely allow web traffic to pass through, given that HTTP is perceived as friendly. And given that there is a lot that a firewall can't do, web application defense is a must-have item.

The reality is that securing web sites is difficult. But for those that want to ensure their web sites are as secure as possible, their developers should certainly implement the delicious recipes in Web Application Defender's Cookbook: Battling Hackers and Protecting Users.
Format: Paperback
It focuses a great deal on Mod Security for Apache; in some ways I wish it could be a bit more diversified.

I found the first part about measuring security to be very useful. It is beneficial to move beyond shock and awe when reporting about security to management. This book provides a way for real numbers that represent the validity of your security efforts.