Writing Secure Code, 2nd Ed.

Paladion
By Paladion

September 15, 2004

We take a look at the "Writing Secure Code, 2nd Ed" book by Michael Howard & David LeBlanc on safe programming practices and guidelines security principles and threat modeling

Writing Secure CodeThis is easily the most detailed work on safe programming practices for developers who write applications on the Windows platform. The 2nd edition is over twice the size of the earlier edition with broader coverage of the security issues involved in developing applications. This edition continues to be targeted at the developer with in-depth discussions
on input validation, ACLs, privilege levels and cryptographic functions. Designers and security testers will find the book useful not only because these issues are important for everyone, but also thanks to the greater coverage given to design and testing. The chapters on Security principles and Threat modeling cover important ideas for designers, and there is an entire chapter devoted to security testing techniques. [Update: For the experienced security tester, we would however recommend
a more in-depth work like the "Shellcoder's Handbook" by Jack Koziol and others.] The Appendix has useful ready-to-use security checklists for designers, developers and testers. If you develop applications on the Windows platform, this is a book worth investing in.


Tags: Review

About

Paladion

SUBSCRIBE TO OUR BLOG

Buyers-Guide-Collateral

WHITEPAPER

Buyer’s Guide to Managed Detection and Response

Download
MDR

Get AI Powered

Managed Detection and Response

MDR-learmore-btn

 

MDR-Guide-Collateral

REPORT

AI-Driven Managed Detection and Response

Download Report
Episode

EPISODE-25

Red-LineAsset-6

Why Your ‘Likes’ on Facebook May Be Revealing Far More than You Thought

Click URL in the Post for the Full Podacst
  • FacebookAsset
  • LinkedinAsset
  • TwitterAsset