Skip to Content
Secure Programming with Static Analysis
book

Secure Programming with Static Analysis

by Brian Chess, Jacob West
June 2007
Intermediate to advanced
624 pages
16h 18m
English
Addison-Wesley Professional
Content preview from Secure Programming with Static Analysis

Epilogue

To a large extent, this book is about all of the little things that programmers need to get right in order to create secure code. The devil is in the remarkably long list of details that, if overlooked or misunderstood, give attackers what they need to compromise a system. We’ve looked at endemic problems such as buffer overflow in C and session management with HTTP. We’ve seen numerous cases where security hinges on seemingly unrelated trivia: ignoring error conditions, using the wrong output encoding, or giving away too much information about the system.

Fewer words have gone towards the design decisions that affect software security. Good design and good implementation need each other; one is useless without the other. But design ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

You might also like

Secure Programming Cookbook for C and C++

Secure Programming Cookbook for C and C++

John Viega, Matt Messier
Secure Coding: Principles and Practices

Secure Coding: Principles and Practices

Mark G. Graff, Kenneth R. van Wyk
Hands-On Security in DevOps

Hands-On Security in DevOps

Tony Hsiang-Chih Hsu
Securing DevOps

Securing DevOps

Julien Vehent

Publisher Resources

ISBN: 9780321424778Purchase book