HACKING EXPOSED WEB APPLICATIONS 3E

作者 Joel Scambray著Vincent Liu著Caleb Sima著
出版社 McGraw-Hill Osborne Media
出版时间 2010年10月第3版
ISBN 9780071740647
定价 539.50

内容简介

Thisfullyupdatedbestsellercoversthelatestwebapplicationexploitationtechniquesandtheirprovencountermeasures"HackingExposed:WebApplications,ThirdEdition"showsyouhowtomeetthechallengesofonlinesecuritywiththetwo-pronged"attack-countermeasure"approach.TheThirdEditionprovidesleading-edgeupdatestoexploitationtechniques,aswellasnewchapterscoveringindustry-widethreatsandcountermeasures,suchaswebapplicationhacking,phishing,andpreventativewebsitedevelopmentpractices.ThisdefinitiveguideisorganizedaccordingtotheinternationallybestsellingHackingExposedmethodology,progressingfromreconnaissanceofthetargetthroughexploitationofcommonmisconfigurationsandsoftwareflaws.Anecdotesandpersonalexperiencesareinterspersedthroughouttoreinforcetherelevanceandseverityofspecificvulnerabilities.Basedontheauthor'smanyyearsasasecurityprofessionalhiredtobreakintotheworld'slargestITinfrastructures,thetechniquespresentedinthisbookwillimprovethesecurityofonlinebusiness."HackingExposed:WebApplications,ThirdEdition"CoversnewwebapplicationandphishingtechniquesaswellasbestpracticesinpreventingwebattacksIncludesnewcasestudiesandexamplesbasedonauthor'sexpertiseworkingwithglobalclientsOffersseasonedinsightintothecoresecurityissuesthatplagueonlinebusinessplatformsofallsizesProvidesprovenstrategiestoprevent,detect,andremediatecommonweaknessesandmaintainrock-solidsecurityforthelongtermAll-inclusivecoverage:HackingWebApps101;Profiling;HackingWebPlatforms;AttackingWebAuthentication;AttackingSessionManagement;InputInjectionAttacks;AttackingXMLWebServices;AttackingWebApplicationDevelopment;HackingWebClient;Full-KnowledgeAnalysis;WebApplicationSecurityScanners;WebSiteSecurityChecklistReviewofPreviousEdition"Agreatadditiontoanarsenaltofind,exploit,andovercomeWebsecurityissues.Suitablefordevelopersandanalystsalike,itwillunveilthemyriadoftechniquesyouradversariesmayemploy."--HeatherAdkins,GoogleSecurity

作者简介

JoelScambray,CISSP,isco-founderandCEOofConsciere,providerofstrategicsecurityadvisoryservices.HehasworkedinInternetsecurityassessmentanddefensefornearly15yearsatMicrosoft,Foundstone,Ernst&Young,andotherorganizations.Joelisaninternationallyrenownedspeakerandauthorofmultiplesecuritybooks,including12editionsintheHackingExposedseries.VincentLiu,CISSP,isamanagingpartneratStach&Liu.HepreviouslyledtheAttack&PenetrationandReverseEngineeringteamsatHoneywell'sGlobalSecuritygroup,wasaconsultantwiththeErnst&YoungAdvancedSecurityCenters,andwasananalystattheNationalSecurityAgency.Vincentspeaksatindustryconferences,includingBlackHat,ToorCon,andMicrosoft'sBlueHat.CalebSimaisCEOofArmorizeTechnologies,providerofintegratedWebapplicationsecuritysolutions.HefoundedSPIDynamics,aWebsecuritytechnologycompany,andwasanearlyinnovatoratInternetSecuritySystems/IBM'seliteX-Forceteam.Calebpresentsatkeyindustryconferences,suchasRSAandBlackHat.

— END —