Writing Secure Code (Paperback)

by M Howard (Author), David LeBlanc (Author) "In memory of all those people who needlessly perished on September 11, 2001 ..."
5.0 out of 5 stars (3 customer reviews)

Customers Who Bought This Item Also Bought

  • The Security Development Lifecycle, by Michael Howard and Steve Lipner (£17.49)
  • Writing Secure Code for Windows Vista® (Best Practices (Microsoft)), by Michael Howard; David LeBlanc, 2.0 out of 5 stars (1) (£18.99)
  • 19 Deadly Sins of Software Security: Programming Flaws and How to Fix Them (Security One-off), by Michael Howard, 5.0 out of 5 stars (1) (£19.54)
  • Secure Coding: Principles and Practices, by Mark Graff
  • Threat Modeling (Microsoft Professional), by Frank Swiderski and Window Snyder (£23.99)

Product details

  • Paperback: 477 pages
  • Publisher: Microsoft Press, U.S.; Pap/Cdr edition (31 Oct 2001)
  • Language: English
  • ISBN-10: 0735615888
  • ISBN-13: 978-0735615885
  • Product Dimensions: 23.2 x 18.7 x 3.4 cm
  • Average Customer Review: 5.0 out of 5 stars (3 customer reviews)
  • Amazon.co.uk Sales Rank: 548,619 in Books
  • Popular in this category: #12 in Books > Computing & Internet > Computer Science > Security > Programming > Secure Coding

Product Description

Synopsis
Aimed at software designers, architects, developers, and testers, this book discusses how to create secure applications in the development, design, writing, and testing stages.

Customer Reviews

3 Reviews (5 star: 3; 4 star: 0; 3 star: 0; 2 star: 0; 1 star: 0)
Average Customer Review: 5.0 out of 5 stars (3 customer reviews)

Most Helpful Customer Reviews

24 of 24 people found the following review helpful:
5.0 out of 5 stars required reading, 29 Aug 2003
Some years ago I worked for a software house with over 30 developers, of which only one other had read the first edition of this book. I don't think that was uncommon. Few developers cared about application security in general terms, their encounters with security being an inconvenience that either 'broke' code or (often post-exploit) resulted in 'extra work' bug-fixing.
I use the past tense, but I've really no evidence to suggest that things have changed all that much. Hopefully the wider distribution and publicity granted this second edition will help change that.
The book is organised into four major sections. The first provides background material that outlines the need to secure systems and techniques for designing secure systems. It is carefully written, appropriately illustrated and has only two very small code examples (one of which is pseudo-code, the other a couple of lines of ASP), making it good for photocopying and distribution to project managers...
The second and third sections provide the bulk of the book - secure coding techniques. As you'd expect, buffer overruns, ACLs, least privilege, crypto, canonical mistakes, SQL injection, cross-site scripting, DoS attacks, to name a few, are all covered, and there are chapters on internalisation, sockets, RPC, and one - surprisingly small - on .NET. I say surprisingly because a good part of the marketing for this book was that it was updated to cover .NET, which it has - but not to the extent you'd think. If you're looking for an in-depth analysis of .NET security, this work doesn't have it.
But it doesn't need it - if there is one single message in the second and third sections it is that there is no replacement for responsible, informed programming regardless of the syntax or technology used. The chapter entitled 'All Input Is Evil' makes that point well; it - like the others - applies whether you use .NET or not. The final section covers 'everything else' - testing, code reviews, installation, error messages, and a good - but brief - chapter on privacy and data security, and an excellent chapter on general good practices.
Part of what made the first edition a classic, to my mind, is that it addressed the security fundamentals *every* programmer on a Microsoft platform should be aware of. After reading it I was in doubt of the importance of application security, the core principles, threats and coding countermeasures, and I went on to apply those in subsequent projects.
This edition builds, updates and expands on the first and is, simply, required reading. Unlike many sequels, it does not disappoint.
12 of 13 people found the following review helpful:
5.0 out of 5 stars From vaguely interested in security to a security convert, 14 Nov 2002
When I started to read this book, I was convinced that security was an issue, but that I could not do much more than have a good firewall between my users and my app... now I know that my code, and configuration & settings this side of the firewall (all within my control) can make a significant difference to the security of my solutions.

Everyone that codes, reviews code, designs code, designs solutions, everyone that ever has valuable info on their hard disks should probably read this great book.

2 of 2 people found the following review helpful:
5.0 out of 5 stars Mandatory, 28 Feb 2007
By Dominic Batstone (London)
If you are a developer then this book is mandatory.

You do not realise the threats (from the desktop, the web, Intranet) until you read this book. Attacks come from everywhere.

Reading this together with "Code Complete 2" (Steve McConnell) will surely make you a better developer and your software safer, faster and more secure.

Imagine the consequences of a simple SQL injection attack or a cross site script attack on your customers. Your reputation, your job and your company are at risk. It's as simple as that. Getting a few copies of this for yourself and your colleagues makes sense.