Automotive Deals HPCC Amazon Fashion Learn more nav_sap_plcc_ascpsc Pink Floyd Fire TV Stick Sun Care Handmade school supplies Shop-by-Room Amazon Cash Back Offer TarantinoCollection TarantinoCollection TarantinoCollection  Amazon Echo  Echo Dot  Amazon Tap  Echo Dot  Amazon Tap  Amazon Echo Introducing new colors All-New Kindle Oasis AutoRip in CDs & Vinyl Segway miniPro
Customer Review

5 of 5 people found the following review helpful
5.0 out of 5 stars Just get it!There is nothing that compares to it., March 8, 2004
This review is from: Improving Web Application Security: Threats and Countermeasures (Paperback)
If you are designing, building and deploying Web based applications using Microsoft's .NET Framework run and get this book. Currently, there is no other book that can match the breath and depth of the topic covered in this book.
Contrary to what the title may imply, in addition to ASP.NET this book also covers how security should be addressed in the building of Serviced components, Web Services and Remoting. The chapters on Code Access Security are among the clearest that can be found anywhere.
This book takes a holistic approach to Security in that it addresses threats to the network, host and application layers. The old adage of a chain is only as strong as its weakest link is taken to heart in the book so guidance is provided on how security should be addressed across tiers and at multiple layers. Secure app development across the entire software development and deployment lifecycle is considered within the scope of this book.
In addition to Secure Coding guidelines, Extensive guidelines are provided that show how the Network, Web Server, Application Server and Database Server should be secured.
One of the things that I like about this book is that the guidance that is provided is task and role based. So even though the book is 800+ pages, it can be very easily used as a ready reference.
Multiple checklists that deal with Design, Build, Securing and Assessment are given and can be used out of the box.
In short, don't wait. Go get it now!
From the book's introduction:
Part I, "Introduction to Threats and Countermeasures," identifies and illustrates the various threats facing the network, host, and application layers. The process of threat modeling helps you to identify those threats that can harm your application. By understanding these threats, you can identify and prioritize effective countermeasures.
Part II, "Designing Secure Web Applications," gives you the guidance you require to design secure Web applications. Even if you have deployed your application, we recommend that you examine and evaluate the concepts, principles, and techniques outlined in this part.
Part III, "Building Secure Web Applications," allows you to apply the secure design practices introduced in Part II to create secure implementations. You will learn defensive coding techniques that make your code and application resilient to attack.
Part IV, "Securing Your Network, Host, and Application," describes how you will apply security configuration settings to secure these three interrelated levels. Instead of applying security randomly, you will learn the rationale behind the security recommendations.
Part V, "Assessing Your Security," provides the tools you require to evaluate the success of your security efforts. Starting with the application, you'll take an inside-out approach to evaluating your code and design. You'll follow this with an outside-in view of the security risks that challenge your network, host and application.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No

Be the first person to comment on this review.

[Add comment]
Post a comment
To insert a product link use the format: [[ASIN:ASIN product-title]] (What's this?)
Amazon will display this name with all your submissions, including reviews and discussion posts. (Learn more)
Name:
Badge:
This badge will be assigned to you and will appear along with your name.
There was an error. Please try again.
Please see the full guidelines here.

Official Comment

As a representative of this product you can post one Official Comment on this review. It will appear immediately below the review wherever it is displayed.   Learn more
The following name and badge will be shown with this comment:
 (edit name)
After clicking the Post button you will be asked to create your public name, which will be shown with all your contributions.

Is this your product?

If you are the author, artist, manufacturer or an official representative of this product, you can post an Official Comment on this review. It will appear immediately below the review wherever it is displayed.  Learn more
Otherwise, you can still post a regular comment on this review.

Is this your product?

If you are the author, artist, manufacturer or an official representative of this product, you can post an Official Comment on this review. It will appear immediately below the review wherever it is displayed.   Learn more
 
System timed out

We were unable to verify whether you represent the product. Please try again later, or retry now. Otherwise you can post a regular comment.

Since you previously posted an Official Comment, this comment will appear in the comment section below. You also have the option to edit your Official Comment.   Learn more
The maximum number of Official Comments have been posted. This comment will appear in the comment section below.   Learn more
Prompts for sign-in
  [Cancel]


Review Details

Item

Reviewer

Anil John
(REAL NAME)   

Location: Columbia, MD USA

Top Reviewer Ranking: 40,018,476