Book picks similar to
The 7 Qualities of Highly Secure Software by Mano Paul


computer-science
information-security
security
software-engineering

AWS Security Best Practices (AWS Whitepaper)


Amazon Web Services - 2016
    It also provides an overview of different security topics such as identifying, categorizing and protecting your assets on AWS, managing access to AWS resources using accounts, users and groups and suggesting ways you can secure your data, your operating systems and applications and overall infrastructure in the cloud.

CEH Certified Ethical Hacker Study Guide


Kimberly Graves - 2010
    That's the philosophy behind ethical hacking, and it's a growing field. Prepare for certification in this important area with this advanced study guide that covers all exam objectives for the challenging CEH Certified Ethical Hackers exam. The book provides full coverage of exam topics, real-world examples, and a CD with additional materials for extra review and practice. Covers ethics and legal issues, footprinting, scanning, enumeration, system hacking, trojans and backdoors, sniffers, denial of service, social engineering, session hijacking, hacking Web servers, Web application vulnerabilities, and more Walks you through exam topics and includes plenty of real-world scenarios to help reinforce concepts Includes a CD with review questions, bonus exams, and more study tools This is the ideal guide to prepare you for the new CEH certification exam. Reviews

Introducing Windows Azure for IT Professionals


Mitch Tulloch - 2013
    It is offered for sale in print format as a convenience.Get a head start evaluating Windows Azure - with technical insights from a Microsoft MVP Mitch Tulloch. This guide introduces the latest features and capabilities, with scenario-based advice on how the platform can meet the needs of your business. Get the high-level overview you need to begin preparing your deployment now.Topics include: Understanding Windows Azure Windows Azure Compute Services Windows Azure Network Services Windows Azure Data Services Windows Azure App Services Getting Started with Windows Azure

Java SE 6: The Complete Reference


Herbert Schildt - 2006
    He includes information on Java Platform Standard Edition 6 (Java SE 6) and offers complete coverage of the Java language, its syntax, keywords, and fundamental programming principles.

Object-Oriented Information Systems Analysis and Design Using UML


Simon Bennett - 1999
    It can be used as a course book for students who are first encountering systems analysis and design at any level. This second edition contains many updates, including the latest version of the UML standard, and reflects the most up to date approaches to the information systems development process. It provides a clear and comprehensive treatment of UML 1.4 in the context of the systems development life cycle, without assuming previous knowledge of analysis and design. It also discusses implementation issues in detail and gives code fragments to show possible mappings to implementation technology. Extensive use of examples and exercises from two case studies provides the reader with many opportunities to practise the application of UML.

The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics


John Sammons - 2011
    This book teaches you how to conduct examinations by explaining what digital forensics is, the methodologies used, key technical concepts and the tools needed to perform examinations. Details on digital forensics for computers, networks, cell phones, GPS, the cloud, and Internet are discussed. Readers will also learn how to collect evidence, document the scene, and recover deleted data. This is the only resource your students need to get a jump-start into digital forensics investigations.This book is organized into 11 chapters. After an introduction to the basics of digital forensics, the book proceeds with a discussion of key technical concepts. Succeeding chapters cover labs and tools; collecting evidence; Windows system artifacts; anti-forensics; Internet and email; network forensics; and mobile device forensics. The book concludes by outlining challenges and concerns associated with digital forensics. PowerPoint lecture slides are also available.This book will be a valuable resource for entry-level digital forensics professionals as well as those in complimentary fields including law enforcement, legal, and general information security.

The Art of Invisibility: The World's Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data


Kevin D. Mitnick - 2017
    Consumer's identities are being stolen, and a person's every step is being tracked and stored. What once might have been dismissed as paranoia is now a hard truth, and privacy is a luxury few can afford or understand.In this explosive yet practical book, Kevin Mitnick illustrates what is happening without your knowledge--and he teaches you "the art of invisibility." Mitnick is the world's most famous--and formerly the Most Wanted--computer hacker. He has hacked into some of the country's most powerful and seemingly impenetrable agencies and companies, and at one point he was on a three-year run from the FBI. Now, though, Mitnick is reformed and is widely regarded as the expert on the subject of computer security. He knows exactly how vulnerabilities can be exploited and just what to do to prevent that from happening. In THE ART OF INVISIBILITY Mitnick provides both online and real life tactics and inexpensive methods to protect you and your family, in easy step-by-step instructions. He even talks about more advanced "elite" techniques, which, if used properly, can maximize your privacy. Invisibility isn't just for superheroes--privacy is a power you deserve and need in this modern age.

Nmap Cookbook: The Fat-free Guide to Network Scanning


Nicholas Marsh - 2010
    Every Nmap feature is covered with visual examples to help you quickly understand and identify proper usage for practical results.Topics covered include:* Installation on Windows, Mac OS X, Unix/Linux platforms* Basic and advanced scanning techniques* Network inventory and security auditing* Firewall evasion techniques* Zenmap - A graphical front-end for Nmap* NSE - The Nmap Scripting Engine* Ndiff - A Nmap scan comparison utilitySimplified coverage of Nmap 5.00 features.

Laravel: Code Bright


Dayle Rees - 2013
    At $29 and cheaper than a good pizza, you will get the book in its current partial form, along with all future chapters, updates, and fixes for free. As of the day I wrote this description, Code Bright had 130 pages and was just getting started. To give you some perspective on how detailed it is, Code Happy was 127 pages in its complete state. Want to know more? Carry on reading.Welcome back to Laravel. Last year I wrote a book about the Laravel PHP framework. It started as a collection of tutorials on my blog, and eventually became a full book. I definitely didn’t expect it to be as popular as it was. Code Happy has sold almost 3000 copies, and is considered to be one of the most valuable resourcesfor learning the Laravel framework.Code Bright is the spiritual successor to Code Happy. The framework has grown a lot in the past year, and has changed enough to merit a new title. With Code Bright I hope to improve on Code Happy with every way, my goal is, to once again, build the most comprehensive learning experience for the framework. Oh, and to still be funny. That’s very important to me.Laravel Code Bright will contain a complete learning experience for all of the framework’s features. The style of writing will make it approachable for beginners, and a wonderful reference resource for experienced developers alike.You see, people have told me that they enjoyed reading Code Happy, not only for its educational content, but for its humour, and for my down to earth writing style. This is very important to me. I like to write my books as if we were having a conversation in a bar.When I wrote Code Happy last year, I was simply a framework enthusiast. One of the first to share information about the framework. However, since then I have become a committed member of the core development team. Working directly with the framework author to make Laravel a wonderful experience for the developers of the world.One other important feature of both books, is that they are published while in progress. This means that the book is available in an incomplete state, but will grow over time into a complete title. All future updates will be provided for free.What this means is that I don’t have to worry about deadlines, or a fixed point of completion. It leads to less stress and better writing. If I think of a better way to explain something, I can go back and change it. In a sense, the book will never be completed. I can constantly add more information to it, until it becomes the perfect resource.Given that this time I am using the majority of my spare time to write the title (yes, I have a full time job too!), I have raised the price a little to justify my invested time. I was told by many of my past readers that they found the previous title very cheap for the resource that it grew into, so if you are worried about the new price, then let me remind you what you will get for your 29 bucks.The successor to Code Happy, seen by many as the #1 learning resource for the Laravel PHP framework.An unending source of information, chapters will be constantly added as needed until the book becomes a giant vault of framework knowledge.Comedy, and a little cheesy, but very friendly writing.

The Tangled Web: A Guide to Securing Modern Web Applications


Michal Zalewski - 2011
    Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape.In The Tangled Web, Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You'll learn how to:Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs Build mashups and embed gadgets without getting stung by the tricky frame navigation policy Embed or host user-supplied content without running into the trap of content sniffing For quick reference, "Security Engineering Cheat Sheets" at the end of each chapter offer ready solutions to problems you're most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time.

CCNA: Cisco Certified Network Associate Study Guide [Exam 640-801]


Todd Lammle - 2000
    This Study Guide was developed to meet the exacting requirements of today's Cisco certification candidates. In addition to the engaging and accessible instructional approach that has earned author Todd Lammle the "Best Study Guide Author" award in CertCities Readers' Choice Awards for two consecutive years, this updated fifth edition provides:In-depth coverage of every CCNA exam objective Expanded IP addressing and subnetting coverage More detailed information on EIGRP and OSPF Leading-edge exam preparation software Authoritative coverage of all exam objectives, including:Network planning & designing Implementation & operation LAN and WAN troubleshooting Communications technology

Secrets and Lies: Digital Security in a Networked World


Bruce Schneier - 2000
    Identity Theft. Corporate Espionage. National secrets compromised. Can anyone promise security in our digital world?The man who introduced cryptography to the boardroom says no. But in this fascinating read, he shows us how to come closer by developing security measures in terms of context, tools, and strategy. Security is a process, not a product – one that system administrators and corporate executives alike must understand to survive.This edition updated with new information about post-9/11 security.

CISSP Study Guide


Eric Conrad - 2010
    The exam is designed to ensure that someone who is handling computer security in a company has a standardized body of knowledge. The book is composed of 10 domains of the Common Body of Knowledge. In each section, it defines each domain. It also provides tips on how to prepare for the exam and take the exam. It also contains CISSP practice quizzes to test ones knowledge. The first domain provides information about risk analysis and mitigation. It also discusses security governance. The second domain discusses different techniques for access control, which is the basis for all the security disciplines. The third domain explains the concepts behind cryptography, which is a secure way of communicating that is understood only by certain recipients. Domain 5 discusses security system design, which is fundamental for operating the system and software security components. Domain 6 is a critical domain in the Common Body of Knowledge, the Business Continuity Planning, and Disaster Recovery Planning. It is the final control against extreme events such as injury, loss of life, or failure of an organization. Domains 7, 8, and 9 discuss telecommunications and network security, application development security, and the operations domain, respectively. Domain 10 focuses on the major legal systems that provide a framework in determining the laws about information system.

Stealing the Network: How to Own a Shadow


Johnny Long - 2007
    Stealing the Network: How to Own a Shadow is the final book in Syngress ground breaking, best-selling, Stealing the Network series. As with previous title, How to Own a Shadow is a fictional story that demonstrates accurate, highly detailed scenarios of computer intrusions and counter-strikes. In How to Own a Thief, Knuth, the master-mind, shadowy figure from previous books, is tracked across the world and the Web by cyber adversaries with skill to match his own. Readers will be amazed at how Knuth, Law Enforcement, and Organized crime twist and torque everything from game stations, printers and fax machines to service provider class switches and routers steal, deceive, and obfuscate. From physical security to open source information gathering, Stealing the Network: How to Own a Shadow will entertain and educate the reader on every page. The book s companion Web site will also provide special, behind-the-scenes details and hacks for the reader to join in the chase for Knuth. . The final book in the Stealing the Network series will be a must read for the 50,000 readers worldwide of the first three titles . The companion Web site to the book will provide challenging scenarios from the book to allow the reader to track down Knuth . Law enforcement and security professionals will gain practical, technical knowledge for apprehending the most supplicated cyber-adversaries

Copying and Pasting from Stack Overflow


Vinit Nayak - 2016
    Mastering this art will not only make you the most desired developer in the market, but it will transform the craziest deadline into "Consider it done, Sir".