Innocent Code: A Security Wake-Up Call for Web Programmers and over one million other books are available for Amazon Kindle . Learn more


or
Sign in to turn on 1-Click ordering.
or
Amazon Prime free trial required. Sign up when you check out. Learn more
More Buying Choices
Have one to sell? Sell yours here
or
Get a £0.90 Amazon.co.uk Gift Card
Innocent Code: A Security Wake-up Call for Web Programmers
 
 
Share your own customer images
Search inside this book
Start reading Innocent Code: A Security Wake-Up Call for Web Programmers on your Kindle in under a minute.

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Innocent Code: A Security Wake-up Call for Web Programmers [Paperback]

Sverre H. Huseby (Author)
RRP: £24.99
Price: £21.24 & this item Delivered FREE in the UK with Super Saver Delivery. See details and conditions
You Save: £3.75 (15%)
  Special Offers Available
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
In stock.
Dispatched from and sold by Amazon.co.uk. Gift-wrap available.
Only 2 left in stock--order soon (more on the way).
Want guaranteed delivery by Friday, June 1? Choose Express delivery at checkout. See Details
‹  Return to Product Overview

Product Description

Review

the security book that all web developers need to read sound advice ignore at peril (Tech Book Report, January 2004)

" achieves its aims admirably " (PC Utilities, April 2004)

should be required reading for web developers (about.com, March 2004)

if you are a web techie you will love this book, I did (Infosecurity Today, July 04)

Review

“…the security book that all web developers need to read…sound advice…ignore at peril…” (Tech Book Report, January 2004)

"…achieves its aims admirably…" (PC Utilities, April 2004)

“…should be required reading for web developers…” (about.com, March 2004)

“…if you are a web techie you will love this book, I did…” (Infosecurity Today, July 04)

Infosecurity Today, July 04

"...if you are a web techie you will love this book, I did..."

Product Description

  • This concise and practical book shows where code vulnerabilities lie–without delving into the specifics of each system architecture, programming or scripting language, or application–and how best to fix them
  • Based on real–world situations taken from the author′s experiences of tracking coding mistakes at major financial institutions
  • Covers SQL injection attacks, cross–site scripting, data manipulation in order to bypass authorization, and other attacks that work because of missing pieces of code
  • Shows developers how to change their mindset from Web site construction to Web site destruction in order to find dangerous code

From the Back Cover

This book is much more than a wake–up call. It is also an eye–opener. Even for those who are already awake to the problems of Web server security, it is a serious guide for what to do and what not to do, with many well–chosen examples. The set of fundamental rules is highly relevant.

Peter G. Neumann, Author of Computer–Related Risks,and moderator of the Internet Risks Forum (risks.org).

This concise and practical book will show where code vulnerabilities lie and how best to fix them. Its value is in showing where code may be exploited to gain access to – or break – systems, but without delving into specific architectures, programming or scripting languages or applications. It provides illustrations with real code.

Innocent Code is an entertaining read showing how to change your mindset from website construction to website destruction so as to avoid writing dangerous code. Abundant examples from susceptible sites will bring the material alive and help you to guard against:

  • SQL Injection, shell command i njection and other attacks based on mishandling meta–characters
  • bad input
  • cross–site scripting
  • attackers who trick users into performing actions
  • leakage of server–side secrets
  • hidden enemies such as project deadlines, salesmen, messy code and tight budgets

All web programmers need to take precautions against producing websites vulnerable to malicious attack. This is the book which tells you how without trying to turn you into a security specialist.

About the Author

Sverre Huseby runs his own company selling courses and consultancy services in Web application security. He′s an active participant on webappsec mail forum.
‹  Return to Product Overview

Amazon.co.uk Privacy Statement Amazon.co.uk Delivery Information Amazon.co.uk Returns & Exchanges