Evifa-Portal

Hits per page

hits 1 - 4 | 4 hits

Sorting

Online Resource

Software security : building security in (2006)

McGraw, Gary [VerfasserIn] 1966-

Upper Saddle River, NJ : Addison-Wesley | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: p. cm

DDC: 005.8

Keywords: Computer security ; Electronic books ; local

Abstract: "When it comes to software security, the devil is in the details. This book tackles the details." --Bruce Schneier, CTO and founder, Counterpane, and author of Beyond Fear and Secrets and Lies "McGraw's book shows you how to make the 'culture of security' part of your development lifecycle." --Howard A. Schmidt, Former White House Cyber Security Advisor "McGraw is leading the charge in software security. His advice is as straightforward as it is actionable. If your business relies on software (and whose doesn't), buy this book and post it up on the lunchroom wall." --Avi Rubin, Director of the NSF ACCURATE Center; Professor, Johns Hopkins University; and coauthor of Firewalls and Internet Security Beginning where the best-selling book Building Secure Software left off, Software Security teaches you how to put software security into practice.The software security best practices, or touchpoints, described in this book have their basis in good software engineering and involve explicitly pondering security throughout the software development lifecycle. This means knowing and understanding common risks (including implementation bugsand architectural flaws), designing for security, and subjecting all software artifacts to thorough, objective risk analyses and testing. Software Security is about putting the touchpoints to work for you. Because you can apply these touchpoints to the software artifacts you already produce as you develop software, you can adopt this book's methods without radically changing the way you work. Inside you'll find detailed explanations of Risk management frameworks and processes Code review using static analysis tools Architectural risk analysis Penetration testing Security testing Abuse case development In addition to the touchpoints, Software Security covers knowledge management, training and awareness, and enterprise-level software security programs. Now that the world agrees that software security is central to computer security, it is time to put philosophy into practice. Create your own secure development lifecycle by enhancing your existing software development lifecycle with the touchpoints described in this book. Let this expert author show you how to build more secure software by building security in.

Note: Includes bibliographical references and index

URL: https://learning.oreilly.com/library/view/-/0321356705/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

Online Resource

Windows Server 2003 security : a technical reference (2005)

Bragg, Roberta [VerfasserIn]

Upper Saddle River, NJ : Addison-Wesley | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxviii, 1142 p. , ill. ; , 24 cm

DDC: 005.4/476

Keywords: Microsoft Windows server ; Computer security ; Operating systems (Computers) ; Electronic books ; local

Abstract: "Once again, Roberta Bragg proves why she is a leading authority in the security field! It's clear that Roberta has had a great deal of experience in real-world security design and implementation. I'm grateful that this book provides clarity on what is often a baffling subject!" James I. Conrad, MCSE 2003, Server+, Certified Ethical Hacker Jamesaccusource.net "Full of relevant and insightful information. Certain to be a staple reference book for anyone dealing with Windows Server 2003 security. Roberta Bragg's Windows Server 2003 Security is a MUST read for anyone administering Windows Server 2003." Philip Cox, Consultant, SystemExperts Corporation phil.cox@systemexperts.com "Few people in the security world understand and appreciate every aspect of network security like Roberta Bragg. She is as formidable a security mind as I have ever met, and this is augmented by her ability to communicate the concepts clearly, concisely, and with a rapier wit. I have enjoyed working with Roberta more than I have on any of the other 20 some odd books to which I have contributed. She is a giant in the field of network security." Bob Reinsch bob.reinsch@fosstraining.com " Windows Server 2003 Security explains why you should do things and then tells you how to do it! It is a comprehensive guide to Windows security that provides the information you need to secure your systems. Read it and apply the information." Richard Siddaway, MCSE rsiddaw@hotmail.com "Ms. Bragg's latest book is both easy to read and technically accurate. It will be a valuable resource for network administrators and anyone else dealing with Windows Server 2003 security." Michael VonTungeln, MCSE, CTT mvontung@yahoo.com "I subscribe to a number of newsletters that Roberta Bragg writes and I have 'always' found her writing to be perfectly focused on issues I 'need' to know in my workplace when dealing with my users. Her concise writing style and simple solutions bring me back to her columns time after time. When I heard she had written a guide on Windows 2003 security, I 'had' to have it. Following her guidance on deployment, her advice on avoiding common pitfalls, and her easy to follow guidelines on how to lock down my network and user environments (those darned users!) has me (and my clients) much more comfortable with our Win2k3 Server deployments. From AD to GPO's to EFS, this book covers it all." Robert Laposta, MCP, MCSA, MCSE, Io Network Services, Sierra Vista AZrob.laposta@cox.net "R...

Note: Includes bibliographical references and index

URL: https://learning.oreilly.com/library/view/-/0321305019/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

Online Resource

Rootkits : subverting the Windows kernel (2005)

Hoglund, Greg [VerfasserIn] ; Butler, James [MitwirkendeR]

Upper Saddle River, NJ : Addison-Wesley | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: p. cm

DDC: 005.8

Keywords: Microsoft Windows (Computer file) ; Computer security ; Computers ; Access control ; Electronic books ; local

Abstract: "It's imperative that everybody working in the field of cyber-security read this book to understand the growing threat of rootkits." --Mark Russinovich, editor, Windows IT Pro / Windows & .NET Magazine "This material is not only up-to-date, it defines up-to-date. It is truly cutting-edge. As the only book on the subject, Rootkits will be of interest to any Windows security researcher or security programmer. It's detailed, well researched and the technical information is excellent. The level of technical detail, research, and time invested in developing relevant examples is impressive. In one word: Outstanding." --Tony Bautts, Security Consultant; CEO, Xtivix, Inc. "This book is an essential read for anyone responsible for Windows security. Security professionals, Windows system administrators, and programmers in general will want to understand the techniques used by rootkit authors. At a time when many IT and security professionals are still worrying about the latest e-mail virus or how to get all of this month's security patches installed, Mr. Hoglund and Mr. Butler open your eyes to some of the most stealthy and significant threats to the Windows operating system. Only by understanding these offensive techniques can you properly defend the networks and systems for which you are responsible." --Jennifer Kolde, Security Consultant, Author, and Instructor "What's worse than being owned? Not knowing it. Find out what it means to be owned by reading Hoglund and Butler's first-of-a-kind book on rootkits. At the apex the malicious hacker toolset--which includes decompilers, disassemblers, fault-injection engines, kernel debuggers, payload collections, coverage tools, and flow analysis tools--is the rootkit. Beginning where Exploiting Software left off, this book shows how attackers hide in plain sight. "Rootkits are extremely powerful and are the next wave of attack technology. Like other types of malicious code, rootkits thrive on stealthiness. They hide away from standard system observers, employing hooks, trampolines, and patches to get their work done. Sophisticated rootkits run in such a way that other programs that usually monitor machine behavior can't easily detect them. A rootkit thus provides insider access only to people who know that it is running and available to accept commands. Kernel rootkits can hide files and running processes to provide a backdoor into the target machine. "Understanding the ultimate attacker's tool provides ...

Note: Includes bibliographical references and index

URL: https://learning.oreilly.com/library/view/-/0321294319/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

Online Resource

The art of computer virus research and defense (2005)

Szor, Peter [VerfasserIn]

Upper Saddle River, NJ : Addison-Wesley | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxvii, 713 p. , ill. ; , 24 cm

DDC: 005.8

Keywords: Computer security ; Computer viruses ; Electronic books ; local

Abstract: "Of all the computer-related books I've read recently, this one influenced my thoughts about security the most. There is very little trustworthy information about computer viruses. Peter Szor is one of the best virus analysts in the world and has the perfect credentials to write this book." -Halvar Flake, Reverse Engineer, SABRE Security GmbH Symantec's chief antivirus researcher has written the definitive guide to contemporary virus threats, defense techniques, and analysis tools. Unlike most books on computer viruses, The Art of Computer Virus Research and Defense is a reference written strictly for white hats: IT and security professionals responsible for protecting their organizations against malware. Peter Szor systematically covers everything you need to know, including virus behavior and classification, protection strategies, antivirus and worm-blocking techniques, and much more. Szor presents the state-of-the-art in both malware and protection, providing the full technical detail that professionals need to handle increasingly complex attacks. Along the way, he provides extensive information on code metamorphism and other emerging techniques, so you can anticipate and prepare for future threats. Szor also offers the most thorough and practical primer on virus analysis ever published-addressing everything from creating your own personal laboratory to automating the analysis process. This book's coverage includes Discovering how malicious code attacks on a variety of platforms Classifying malware strategies for infection, in-memory operation, self-protection, payload delivery, exploitation, and more Identifying and responding to code obfuscation threats: encrypted, polymorphic, and metamorphic Mastering empirical methods for analyzing malicious code-and what to do with what you learn Reverse-engineering malicious code with disassemblers, debuggers, emulators, and virtual machines Implementing technical defenses: scanning, code emulation, disinfection, inoculation, integrity checking, sandboxing, honeypots, behavior blocking, and much more Using worm blocking, host-based intrusion prevention, and network-level defense strategies © Copyright Pearson Education. All rights reserved.

Note: Includes bibliographical references and index

URL: https://learning.oreilly.com/library/view/-/0321304543/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

hits 1 - 4 | 4 hits