

John Jansen's Profile

Customer Reviews: 1
Top Reviewer Ranking: 31,386,545
Helpful Votes: 7


Reviews Written by
John Jansen (Seattle, WA United States)

Hunting Security Bugs (Developer Reference)
by Tom Gallagher
Edition: Paperback

7 of 7 people found the following review helpful
4.0 out of 5 stars Finally something more than a checklist, February 5, 2007
As with other reviewers of the book: in an attempt at full disclosure, I also work at Microsoft. I am a Test Lead in the Office organization.

One of the challenges that faces any quality assurance engineer or Test engineer, or whatever our industry has chosen to call us this year, is that we are constantly tasked with trying to "test in security" or "find the flaws in the product" after it has already been coded. While this is clearly a PART of our jobs, it is by no means the most important part. This book addresses what I consider to be a much higher priority for the Test Org generally, and Test Engineers specifically: helping reduce security vulnerabilities before they are coded into the product to begin with: as features are being spec'd and as code is being designed.
This book is not a simple check-list testers can use to say "Yes, my feature is secure, Ship It". Rather, it helps place Test into the frame of mind of a hacker, it gives test a set of tools to help find security issues, it outlines an approach to software Test that will cause fewer security issues to be coded at all, let alone have to be fixed post code-complete (or in a Service Pack). Used in conjunction with other test books like _How to Break Software Security_ by James A. Whittaker, this book will help ship more secure products.
Incidentally, I expect hackers will be reading this book in an effort to better understand the science of hunting security bugs, as well as the tools we use to do so - so if you're not using it, I'd expect your attackers will be thankful...
