Join Amazon Prime and ship Two-Day for free and Overnight for $3.99. Already a member? Sign in.
Foundations of Security: What Every Programmer Needs to Know and over 300,000 other books are available for Amazon Kindle – Amazon’s new wireless reading device. Learn more

 

or
Sign in to turn on 1-Click ordering.
 
   
More Buying Choices
66 used & new from $1.85
Have one to sell? Sell yours here
 
   
Foundations of Security: What Every Programmer Needs to Know (Expert's Voice)
 
 
Share your own customer images
Search inside this book
Start reading Foundations of Security: What Every Programmer Needs to Know on your Kindle in under a minute.

Don’t have a Kindle? Get yours here.
 
  

Foundations of Security: What Every Programmer Needs to Know (Expert's Voice) (Paperback)

by Neil Daswani (Author), Christoph Kern (Author), Anita Kesavan (Author)
Key Phrases: creditcards table, malicious page, order confirmation form, Code Red, Internet Explorer, Death Star (more...)
4.5 out of 5 stars See all reviews (8 customer reviews)
List Price: $39.99
Price: $35.99
You Save: $4.00 (10%)
In Stock.
Ships from and sold by Amazon.com. Gift-wrap available.

Want it delivered Monday, July 13? Choose One-Day Shipping at checkout. Details
40 new from $2.80 26 used from $1.85
Also Available in: List Price: Our Price: Other Offers:
Kindle Edition (Kindle Book) $31.99

Frequently Bought Together

Customers buy this book with The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws by Dafydd Stuttard

Foundations of Security: What Every Programmer Needs to Know (Expert's Voice) + The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
Price For Both: $67.49

Show availability and shipping details

Customers Who Bought This Item Also Bought

19 Deadly Sins of Software Security: Programming Flaws and How to Fix Them (Security One-off)

19 Deadly Sins of Software Security: Programming Flaws and How to Fix Them (Security One-off)

by Michael Howard
4.6 out of 5 stars (12)  $29.70
The Security Development Lifecycle

The Security Development Lifecycle

by Michael Howard
4.5 out of 5 stars (4)  $23.09
Core Security Patterns: Best Practices and Strategies for J2EE(TM), Web Services, and Identity Management (Sun Core Series)

Core Security Patterns: Best Practices and Strategies for J2EE(TM), Web Services, and Identity Management (Sun Core Series)

by Christopher Steel
4.7 out of 5 stars (31)  $44.09
Software Security: Building Security In (Addison-Wesley Software Security Series)

Software Security: Building Security In (Addison-Wesley Software Security Series)

by Gary McGraw
4.9 out of 5 stars (19)  $37.79
Hunting Security Bugs

Hunting Security Bugs

by Tom Gallagher
4.6 out of 5 stars (5)  $44.99
Explore similar items

Related Items

Workflow in the 2007 Microsoft Office System Pro C# with .NET 3.0, Special Edition Microsoft SharePoint: Building Office 2007 Solutions in C# 2005 (Expert's Voice in Sharepoint)
$49.99 $31.49 $59.99 $32.74 $59.99 $34.91

Editorial Reviews

Product Description

Information Technology is for everyone, not just geeks. But that means security is everyone's business, as you will discover in the pages of this excellent book!


— Vinton G. Cerf - a Founding Father of the Internet

This book serves as a great complement to the courses that make up the Stanford Center for Professional Development (SCPD) Security Certification Program. The book explains in detail how to defend against a wide range of attacks, and teaches principles of secure system design.


— Dr. Dan Boneh, Associate Professor, Computer Science and Electrical Engineering, Stanford University

Foundations of Security: What Every Programmer Needs to Know teaches new and current software professionals state-of-the-art software security design principles, methodology, and concrete programming techniques they need to build secure software systems. Once youre enabled with the techniques covered in this book, you can start to alleviate some of the inherent vulnerabilities that make todays software so susceptible to attack. The book uses web servers and web applications as running examples throughout the book.

For the past few years, the Internet has had a "wild, wild west" flavor to it. Credit card numbers are stolen in massive numbers. Commercial web sites have been shut down by Internet worms. Poor privacy practices come to light and cause great embarrassment to the corporations behind them. All these security-related issues contribute at least to a lack of trust and loss of goodwill. Often there is a monetary cost as well, as companies scramble to clean up the mess when they get spotlighted by poor security practices.

It takes time to build trust with users, and trust is hard to win back. Security vulnerabilities get in the way of that trust. Foundations of Security: What Every Programmer Needs To Know helps you manage risk due to insecure code and build trust with users by showing how to write code to prevent, detect, and contain attacks.

  • The lead author cofounded the Stanford Center for Professional Development Computer Security Certification.
  • This book teaches you how to be more vigilant and develop a sixth sense for identifying and eliminating potential security vulnerabilities.
  • Youll receive hands-on code examples for a deep and practical understanding of security.
  • Youll learn enough about security to get the job done.


About the Author

Neil Daswani has served in a variety of research, development, teaching, and managerial roles at Stanford University, DoCoMo USA Labs, Yodlee, and Bellcore (now Telcordia Technologies). His areas of expertise include security, wireless data technology, and peer-to-peer systems. He has published extensively in these areas, frequently gives talks at industry and academic conferences, and has been granted several U.S. patents. He received a Ph.D. and a master's in computer science from Stanford University, and he currently works for Google.
He earned a bachelor's in computer science with honors with distinction from Columbia University.



Christoph Kern is an information security engineer at Google and was previously a senior security architect at Yodlee, a provider of technology solutions to the financial services industry. He has extensive experience in performing security design reviews and code audits, designing and developing secure applications, and helping product managers and software engineers effectively mitigate security risks in their software products.



Anita Kesavan is a freelance writer and received her M.F.A. in creative writing from Sarah Lawrence College. She also holds a bachelor's in English from Illinois-Wesleyan University. She specializes in communicating complex technical ideas in simple, easy-to-understand language.

Product Details

  • Paperback: 320 pages
  • Publisher: Apress (February 16, 2007)
  • Language: English
  • ISBN-10: 1590597842
  • ISBN-13: 978-1590597842
  • Product Dimensions: 9.2 x 6.9 x 0.9 inches
  • Shipping Weight: 1.3 pounds (View shipping rates and policies)
  • Average Customer Review: 4.5 out of 5 stars See all reviews (8 customer reviews)
  • Amazon.com Sales Rank: #270,487 in Books (See Bestsellers in Books)

    •  Would you like to update product info or give feedback on images?
Front Cover | Table of Contents | First Pages | Index | Surprise Me!
Search Inside This Book:
Inside This Book (learn more)
Key Phrases - Statistically Improbable Phrases (SIPs): (learn more)
creditcards table, malicious page, order confirmation form, untrusted data, injection vulnerabilities, salted hash, biometric authentication techniques, click fraud, action token, offline dictionary attack, underlying hash function, asymmetric key cryptography, storing secrets, code excluded, session token, simple web server, overflow vulnerability, attack string, overflow vulnerabilities, malicious web site, template fragment, key disk, image authentication, technological security, password file
Key Phrases - Capitalized Phrases (CAPs): (learn more)
Code Red, Internet Explorer, Death Star, White House, Public Primary Certification Authority Verisign Class, Bank of America, Microsoft Windows, Once Bob
New!
Books on Related Topics | Concordance | Text Stats
Browse Sample Pages:
Front Cover | Table of Contents | First Pages | Index | Surprise Me!
Search Inside This Book:

Books on Related Topics (learn more)
 
 

Tags Customers Associate with This Product

 (What's this?)
Click on a tag to find related items, discussions, and people.
Check the boxes next to the tags you consider relevant or enter your own tags in the field below.
(2)
(1)

Your tags: Add your first tag
 
See most popular tags
Help others find this product — tag it for Amazon search
No one has tagged this product for Amazon search yet. Why not be the first to suggest a search for which it should appear?

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more
 

Customer Reviews

8 Reviews
5 star:
 (6)
4 star:
 (1)
3 star:    (0)
2 star:
 (1)
1 star:    (0)
 
 
 
 
 
Average Customer Review
4.5 out of 5 stars (8 customer reviews)
 
 
 
 
Share your thoughts with other customers:
Most Helpful Customer Reviews

 
7 of 7 people found the following review helpful:
5.0 out of 5 stars Programming with Security in Mind, April 18, 2007
An excellent book for new programmers. The first part of the book provides a very good overview of security concepts. Chapters 5-10 detail different attacks and their defense. At 290 pages, the authors don't waste the reader's time. Information is well covered with enough detail for most readers.

Throughout the book the authors present code examples on exploits and their defense. Even through the examples are written in different languages, the authors explain the code clearly. The reader doesn't' have to be familiar with the particular language. I haven't written anything in Java in over six years, but had no problem understand the Java examples.

If you are a new programmer or haven't read a book on security recently, this would be the book.
Comment Comment | Permalink | Was this review helpful to you? Yes No (Report this)



 
2 of 2 people found the following review helpful:
4.0 out of 5 stars Just like the title says - this book gives ' foundations ' of security what every programmers needs to know, November 18, 2008
By Pat Choi (L.A., CA United States) - See all my reviews
This book is very well written and easy to understand. I like the selection of software security topics it covers - blending of design principles and methodology with a mix of programming techniques.

Upon completion of the book, the reader should have a good basic computer security foundation.
Comment Comment | Permalink | Was this review helpful to you? Yes No (Report this)



 
10 of 14 people found the following review helpful:
2.0 out of 5 stars Alphabet soup with no practical guidance on security, December 14, 2007
I found this book as a collection of google-able basic material. The book provides zero guidance to a programmer on the basics for how-to implement security in code not just alphabet soup because "the devil is in the details". I wrongly picked this book and now it just fills an odd spot of our IT library as this book has no relevance to a Microsoft or Java programmer or Web 2.0 (J*Script) programmer. With Security taking mainstream in every aspect of programming and every component of IT stack - this book did not provide any confidence to an average developer aspiring to securing SOA or J2EE/.NET application. As a whole, the book reflects poorly on the technical content maybe I am not the intended audience of this book.
Comment Comment | Permalink | Was this review helpful to you? Yes No (Report this)


Share your thoughts with other customers: Create your own review
 
 
 
Most Recent Customer Reviews

5.0 out of 5 stars Wonderful book!
The best security book I have ever come across. If you want to be great programmer in IT security, then go for this bookand it will lift you to greater hights in your professional
Published 1 month ago by Benjamin Mushabe

5.0 out of 5 stars Easy to enjoy
Having an English major as one of the authors makes a big difference. The expertise from the other two reknown authors is communicated in simple, easy-to-understand language.
Published 20 months ago by Alvaro Agudelo

5.0 out of 5 stars Bleeding Edge Security Advice for Programmers
While some of the good security books for software developers need to be updated, this is, in my opinion, a much needed new security book for programmers. Read more
Published on April 15, 2007 by Tom Brown

5.0 out of 5 stars What all developers need to read
Our collective security against threats such as phishing, denial of service and online fraud in general depends not only on our own actions, but also on those of others. Read more
Published on April 2, 2007 by Bjorn M. Jakobsson

5.0 out of 5 stars A must read for every developer!
This book teaches new and current software professionals state-of-the-art software security design principles, methodology, and concrete programming techniques they need to build... Read more
Published on February 19, 2007 by J. Fernandez

Only search this product's reviews


Customer Discussions

 Beta (What's this?)
New! See all customer communities, and bookmark your communities to keep track of them.
This product's forum (0 discussions)
  Discussion Replies Latest Post
  No discussions yet

Ask questions, Share opinions, Gain insight
Start a new discussion
Topic:
First post:
Prompts for sign-in
  [Cancel]


Active discussions in related forums
   

Product Information from the Amapedia Community

Beta (What's this?)

Look for Similar Items by Category

Amazon MP3 Delivers Free Songs

Subscribe to The Amazon MP3 Download newsletter to find out about free song downloads, new releases and hot digital music deals first.
subscribe
  

Big Savings in Books

Bargain Books
Find great titles at fantastic prices in our Bargain Books Store.
 

Dive into Summer Reading

Summer Reading for Kids and Teens
Don't even think about hitting the beach without browsing the books in our Summer Reading Store. Discover bestsellers, paperback picks, beach reads, and more terrific titles all summer long.
 

Best Books

Best of the Month
See our editors' picks and more of the best new books on our Best of the Month page.
  
Ad

 

Feedback

If you need help or have a question for Customer Service, contact us.
 Would you like to update product info or give feedback on images?
Is there any other feedback you would like to provide?

Your comments can help make our site better for everyone.


Where's My Stuff?

Shipping & Returns

Need Help?

Your Recent History

  (What's this?)
You have no recently viewed items or searches.

After viewing product detail pages or search results, look here to find an easy way to navigate back to pages you are interested in.

Look to the right column to find helpful suggestions for your shopping session.
Continue shopping: Top Sellers
Glenn Beck's Common Sense
Glenn Beck's Common Sense by Glenn Beck
3.7 out of 5 stars (227)$6.59
 Glenn Beck's Common Sense
Glenn Beck's Common Sense by Glenn Beck
3.7 out of 5 stars (227)$6.59
 Darkfever
Darkfever by Karen Marie Moning
3.7 out of 5 stars (216)$0.00
 The Adventures of Sherlock Holmes
The Adventures of Sherlock Holmes by Arthur Conan, Sir, 1859-1930 Doyle
5.0 out of 5 stars (5)$0.00

amazon.com Amazon.com Home  |   Directory of All Stores
International Sites:  Canada  |  United Kingdom  |  Germany  |  Japan  |  France  |  China
Business Programs: Sell on Amazon  |  Build an eCommerce Site  |  Advertise With Us  |  Developer Services  |  Self-Publish with Us
Help  |  View Cart  |  Your Account  |  1-Click Settings
Investor Relations  |  Press Releases  |  Careers at Amazon  |  Join Associates  |  Join Advantage
Conditions of Use | Privacy Notice © 1996-2009, Amazon.com, Inc. or its affiliates