ばいちょ(売価調査)、価格比較とネットでのお買い物を楽に

Bar
お店のコメント(スペック情報を含む場合もあり)

内容説明 Risk-based security testing, the important subject of this book, is one of seven software security touchpoints introduced in my book, Software Security: Building Security In. This book takes the basic idea several steps forward. Written by masters of software exploit, this book describes in very basic terms how security testing differs from standard software testing as practiced by QA groups everywhere. It unifies in one place ideas from Michael Howard, David Litchfield, Greg Hoglund, and me into a concise introductory package. Improve your security testing by reading this book today.” –Gary McGraw, Ph.D., CTO, Cigital; Author, Software Security, Exploiting Software, Building Secure Software, and Software Fault Injection; www.cigital.com/~gem “As 2006 closes out, we will see over 5,000 software vulnerabilities announced to the public. Many of these vulnerabilities were, or will be, found in enterprise applications from companies who are staffed with large, professional, QA teams. How then can it be that these flaws consistently continue to escape even well-structured diligent testing? The answer, in part, is that testing still by and large only scratches the surface when validating the presence of security flaws. Books such as this hopefully will start to bring a more thorough level of understanding to the arena of security testing and make us all a little safer over time.” –Alfred Huger, Senior Director, Development, Symantec Corporation “Software security testing may indeed be an art, but this book provides the paint-by-numbers to perform good, solid, and appropriately destructive security testing: proof that an ounce of creative destruction is worth a pound of patching later. If understanding how software can be broken is step one in every programmers’ twelve-step program to defensible, secure, robust software, then knowledgeable security testing comprises at least steps two through six.” –Mary Ann Davidson, Chief Security Officer, Oracle “Over the past few years, several excellent books have come out teaching developers how to write more secure software by describing common security failure patterns. However, none of these books have targeted the tester whose job it is to find the security problems before they make it out of the R&D lab and into customer hands. Into this void comes The Art of Software Security Testing: Identifying Software Security Flaws. The authors, all of whom have extensive experience in security testing, explain how to use free tools to find the problems in software, giving plenty of examples of what a software flaw looks like when it shows up in the test tool. The reader learns why security flaws are different from other types of bugs (we want to know not only that ‘the program does what it’s supposed to,’ but also that ‘the program doesn’t do that which it’s not supposed to’), and how to use the tools to find them. Examples are primarily based on C code, but some description of Java, C#, and scripting languages help for those environments. The authors cover both Windows and UNIX-based test tools, with plenty of screenshots to see what to expect. Anyone who’s doing QA testing on software should read this book, whether as a refresher for finding security problems, or as a starting point for QA people who have focused on testing functionality.” –Jeremy Epstein, WebMethods State-of-the-Art Software Security Testing: Expert, Up to Date, and Comprehensive The Art of Software Security Testing delivers in-depth, up-to-date, battle-tested techniques for anticipating and identifying software security problems before the “bad guys” do. Drawing on decades of experience in application and penetration testing, this book’s authors can help you transform your approach from mere “verification” to proactive “attack.” The authors begin by systematically reviewing the design and coding vulnerabilities that can arise in software, and offering realistic guidance in avoiding them. Next, they show you ways to customize software debugging tools to test the unique aspects of any program and then analyze the results to identify exploitable vulnerabilities. Coverage includes Tips on how to think the way software attackers think to strengthen your defense strategy Cost-effectively integrating security testing into your development lifecycle Using threat modeling to prioritize testing based on your top areas of risk Building testing labs for performing white-, grey-, and black-box software testing Choosing and using the right tools for each testing project Executing today’s leading attacks, from fault injection to buffer overflows Determining which flaws are most likely to be exploited by real-world attackers This book is indispensable for every technical professional responsible for software security: testers, QA specialists, security professionals, developers, and more. For IT managers and leaders, it offers a proven blueprint for implementing effective security testing or strengthening existing processes. Foreword xiii Preface xvii Acknowledgments xxix About the Authors xxxi Part I: Introduction Chapter 1: Case Your Own Joint: A Paradigm Shift from Traditional Software Testing 3 Chapter 2: How Vulnerabilities Get Into All Software 19 Chapter 3: The Secure Software Development Lifecycle 55 Chapter 4: Risk-Based Security Testing: Prioritizing Security Testing with Threat Modeling 73 Chapter 5: Shades of Analysis: White, Gray, and Black Box Testing 93 Part II: Performing the Attacks Chapter 6: Generic Network Fault Injection 107 Chapter 7: Web Applications: Session Attacks 125 Chapter 8: Web Applications: Common Issues 141 Chapter 9: Web Proxies: Using WebScarab 169 Chapter 10: Implementing a Custom Fuzz Utility 185 Chapter 11: Local Fault Injection 201 Part III: Analysis Chapter 12: Determining Exploitability 233 Index 251

お店
アマゾン (amazon)
お店の商品コード
0321304861
JANコード
-
メーカー

お店の、この商品ページへ直行
商品ジャンル

商品名
最終調査日時
2015/08/02 (Sun) 05:30:12
価格の変動(直近3回 : ¥0は未調査回)
取得日時
販売価格
ポイント
実質価格
在庫状態
2015/08/02 (Sun) 05:30:12
¥7,353
0 %
¥7,353
通常2~3週間以内に発送します。
2012/11/11 (Sun) 11:40:50
¥4,785
0 %
¥4,785
2012/02/01 (Wed) 09:16:30
¥4,660
0 %
¥4,660
商品検索
 商品名 ※スペース区切りで複数キーワード(and・絞り込み)可
検索オプション検索オプションを展開する検索オプションをたたむ
 JANコード(バーコード)
  お店のコード
【取得NG】(売切れ?)のものを表示
※「しない」を選択すると、掲載落ち(売切れ)と思われる商品は表示しません。
検索の対象にするお店
店舗を選択しない結果に含めたいお店にチェックをつけてください。
全てOFFにしたり、10店より多く選択すると全店が対象となります。
ioPLAZA
アイテムポスト
アイリスプラザ
秋葉館
アニメイト
アマゾン
あみあみ
イオンショップ
イシバシ楽器
イトーヨーカドー
eカシオ
イーカプコン
ECカレント
NTT-X
エレコム
オフィスデポ
OLYMPUS
キタムラ
Qoo10
K’sデンキ
コジマ
コメリ
サンワ
ジャパネットたかた
ジュリアインテリア
すぃーとあっぷるぱい
セブンネット
センチュリー
ソフマップ
たのめーる
タミヤショップ
タンタン
ツクモ
DMM
DCM
デンマート
トイザらス
ドスパラ
ナチュラム
日本文化センター
nojima
パソコン工房
パソ電
ビックカメラ
PCワンズ
フルイチ
ブラザー
プレミアムバンダイ
PREMOA
ベスト電器
見てね価格
ムラウチ
ムラウチ
Yamagaiwa
ヤマダ電機
東急ハンズ
条件クリア
サイト内キーワード検索
商品名の検索は通常の商品検索ボックスで。
コメントやスペックなどから検索したい場合はこちらから。
このお店の商品コード類似品
The Embedded Internet with CD: TCP/ IP basics, Implementation and Applications: Sergio Scaglia: 洋書
Illustrator CS2 Killer Tips: Dave Kloskowski, Matt Cross: 洋書
Tcl and the Tk Toolkit (Addison-Wesley Professional Computing Series): John K. Jones, Ken Ousterhout: 洋書
Illustrator CS2 for Windows and Macintosh: Visual QuickStart Guide: Elaine Lourekas, Peter Weinmann: 洋書
Adobe InCopy CS2 Book, The: Adam Richman, Mike Pratt: 洋書
Women and Elections: The Impact in 2004 and Beyond: Karen O’Connor: 洋書
Effective Java (Java Series): Joshua Bloch: 洋書
Photoshop LAB Color: The Canyon Conundrum and Other Adventures in the Most Powerful Colorspace: Dan Margulis: 洋書
Adobe Premiere Pro 2.0 Classroom in a Book: Adobe Creative Team: 洋書
広告