The RESTful approach to web services design is rapidly become the approach of choice. Unfortunately, too few people have truly solid REST API design skills, and discussions of REST can become bogged down in dry theory.The REST API Design Handbook is a simple, practical guide to aid software engineers and software architects create lasting, scalable APIs based on REST architectural principles. The book provides a sound foundation in discussing the constraints that define a REST API. It quickly goes beyond that into the practical aspects of implementing such an API in the real world.Written by cloud computing expert George Reese, The REST API Design Handbook reflects hands on work in consuming many different third party APIs as well the development of REST-based web services APIs. It addresses all of the debates the commonly arise while creating these APIs. Subjects covered include:* REST architectural constraints* Using HTTP methods and response codes in an API* Authenticating RESTful API calls* Versioning* Asynchronous Operations* Pagination and Streaming* Polling and Push Notifications* Rate Limiting

    Readers will learn how to define the overall testing goals and strategies for the systems being tested.This hands-on, exercise-rich book provides experience with planning, scheduling, and tracking these tasks. You'll be able to describe and organize the necessary activities as well as learn to select, acquire, and assign adequate resources for testing tasks. Learn how to form, organize, and lead testing teams Master the organizing of communication among the members of the testing teams, and between the testing teams and all the other stakeholders. Additionally, you'll learn how to justify decisions and provide adequate reporting information where applicable.Target Audience: Software Testers, Programmers, System Designers, IT Managers

    This bestselling Sybex study guide covers 100% of all exam objectives. You'll prepare for the exam smarter and faster with Sybex thanks to expert content, real-world examples, advice on passing each section of the exam, access to the Sybex online interactive learning environment, and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions. Along with the book, you also get access to Sybex's superior online interactive learning environment that includes: Four unique 250 question practice exams to help you identify where you need to study more. Get more than 90 percent of the answers correct, and you're ready to take the certification exam. More than 650 Electronic Flashcards to reinforce your learning and give you last-minute test prep before the exam A searchable glossary in PDF to give you instant access to the key terms you need to know for the exam Coverage of all of the exam topics in the book means you'll be ready for: Security and Risk Management Asset Security Security Engineering Communication and Network Security Identity and Access Management Security Assessment and Testing Security Operations Software Development Security

    This book explains the technical aspects of hacking, including stack based overflows, heap based overflows, string exploits, return-into-libc, shellcode, and cryptographic attacks on 802.11b.

    It also works beautifully with other open source tools, such as the MySQL database and the Apache web server. However, as more web sites are developed in PHP, they become targets for malicious attackers, and developers need to prepare for the attacks.Security is an issue that demands attention, given the growing frequency of attacks on web sites. Essential PHP Security explains the most common types of attacks and how to write code that isn't susceptible to them. By examining specific attacks and the techniques used to protect against them, you will have a deeper understanding and appreciation of the safeguards you are about to learn in this book.In the much-needed (and highly-requested) Essential PHP Security, each chapter covers an aspect of a web application (such as form processing, database programming, session management, and authentication). Chapters describe potential attacks with examples and then explain techniques to help you prevent those attacks.Topics covered include:Preventing cross-site scripting (XSS) vulnerabilitiesProtecting against SQL injection attacksComplicating session hijacking attemptsYou are in good hands with author Chris Shiflett, an internationally-recognized expert in the field of PHP security. Shiflett is also the founder and President of Brain Bulb, a PHP consultancy that offers a variety of services to clients around the world.

    But the principles and practices of software architecting–what the authors call the “science of hard decisions”–have been evolving for cloud, mobile, and other shifts. Now fully revised and updated, this book shares the knowledge and real-world perspectives that enable you to design for success–and deliver more successful solutions. In this fully updated Second Edition, you will: Learn how only a deep understanding of domain can lead to appropriate architecture Examine domain-driven design in both theory and implementation Shift your approach to code first, model later–including multilayer architecture Capture the benefits of prioritizing software maintainability See how readability, testability, and extensibility lead to code quality Take a user experience (UX) first approach, rather than designing for data Review patterns for organizing business logic Use event sourcing and CQRS together to model complex business domains more effectively Delve inside the persistence layer, including patterns and implementation.

    Richard Stevens' classic TCP/IP Illustrated, Volume 1 to gain the detailed understanding of TCP/IP they need to be effective. Now, the world's leading TCP/IP best-seller has been thoroughly updated to reflect a new generation of TCP/IP-based networking technologies. TCP/IP Illustrated, Volume 1, Second Edition doesn't just describe protocols: it enables readers to observe how these protocols operate under different conditions, using publicly available tools, and explains why key design decisions were made. The result: readers gain a deep understanding of how TCP/IP protocols function, and why they function that way. Now thoroughly updated by long-time networking expert Kevin Fall, this brand-new second edition's extensive new coverage includes: " Remote procedure call " Identity management (access control / authentication) " Network and transport layer security (authentication / privacy) " File access protocols, including NFS and SMB/CIFS " Host initialization and DHCP " NAT and firewalls " E-mail " Web and web services " Wireless and wireless security " New tools, including Ethereal, nmap and netcat

    Mitnick claims that this socialengineering tactic was the single-most effective method in hisarsenal. This indispensable book examines a variety of maneuversthat are aimed at deceiving unsuspecting victims, while it alsoaddresses ways to prevent social engineering threats.Examines social engineering, the science of influencing atarget to perform a desired task or divulge informationArms you with invaluable information about the many methods oftrickery that hackers use in order to gather information with theintent of executing identity theft, fraud, or gaining computersystem accessReveals vital steps for preventing social engineeringthreatsSocial Engineering: The Art of Human Hacking does itspart to prepare you against nefarious hackers--now you can doyour part by putting to good use the critical information withinits pages.

    We're going to do that by introducing you to Example.com, where you're going to start a new job as one of its SysAdmins. The first project you'll be in charge of is developing its new log management solution. We'll teach you how to:* Install and deploy LogStash.* Ship events from a LogStash Shipper to a central LogStash server.* Filter incoming events using a variety of techniques.* Output those events to a selection of useful destinations.* Use LogStash's Web interface and alternative interfaces like Kibana.* Scale out your LogStash implementation as your environment grows.* Quickly and easily extend LogStash to deliver additional functionality you might need.By the end of the book you should have a functional and effective log management solution that you can deploy into your own environment.

    It presents a learning journey, not definitive guidance. It describes the experiences of a development team with no prior CQRS proficiency in building, deploying (to Windows Azure), and maintaining a sample real-world, complex, enterprise system to showcase various CQRS and ES concepts, challenges, and techniques.The development team did not work in isolation; we actively sought input from industry experts and from a wide group of advisors to ensure that the guidance is both detailed and practical.The CQRS pattern and event sourcing are not mere simplistic solutions to the problems associated with large-scale, distributed systems. By providing you with both a working application and written guidance, we expect you’ll be well prepared to embark on your own CQRS journey.

    Whether you're new to Linux or need a reliable update and reference, this is an excellent resource. Veteran bestselling author Christopher Negus provides a complete tutorial packed with major updates, revisions, and hands-on exercises so that you can confidently start using Linux today. Offers a complete restructure, complete with exercises, to make the book a better learning tool Places a strong focus on the Linux command line tools and can be used with all distributions and versions of Linux Features in-depth coverage of the tools that a power user and a Linux administrator need to get startedThis practical learning tool is ideal for anyone eager to set up a new Linux desktop system at home or curious to learn how to manage Linux server systems at work.

    Book annotation not available for this title.Title: CCNP ROUTE 642-902Author: Odom, WendellPublisher: Pearson P T RPublication Date: 2010/02/09Number of Pages: 730Binding Type: HARDCOVERLibrary of Congress: 2009049908

    Learn how to leverage the Django web framework to its full potential in this advanced tutorial and reference. Endorsed by Django, Pro Django more or less picks up where The Definitive Guide to Django left off and examines in greater detail the unusual and complex problems that Python web application developers can face and how to solve them.Provides in-depth information about advanced tools and techniques available in every Django installation Runs the gamut from the theory of Django's internal operations to actual code that solves real-world problems for high-volume environments Goes above and beyond other books, leaving the basics behind Shows how Django can do things even its core developers never dreamed possible

    But until now, there has been no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts and man pages, endlessly tweaking your own code to get everything working. Not anymore.Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools - and how to build your own when the pre-built ones won't cut it.You'll learn how to:Automate tedious reversing and security tasks Design and program your own debugger Learn how to fuzz Windows drivers and create powerful fuzzers from scratch Have fun with code and library injection, soft and hard hooking techniques, and other software trickery Sniff secure traffic out of an encrypted web browser session Use PyDBG, Immunity Debugger, Sulley, IDAPython, PyEMU, and more The world's best hackers are using Python to do their handiwork. Shouldn't you?

    In this one-of-a-kind account, you'll see how the developers responsible for these flaws patched the bugs—or failed to respond at all. As you follow Klein on his journey, you'll gain deep technical knowledge and insight into how hackers approach difficult problems and experience the true joys (and frustrations) of bug hunting.Along the way you'll learn how to:Use field-tested techniques to find bugs, like identifying and tracing user input data and reverse engineering Exploit vulnerabilities like NULL pointer dereferences, buffer overflows, and type conversion flaws Develop proof of concept code that verifies the security flaw Report bugs to vendors or third party brokersA Bug Hunter's Diary is packed with real-world examples of vulnerable code and the custom programs used to find and test bugs. Whether you're hunting bugs for fun, for profit, or to make the world a safer place, you'll learn valuable new skills by looking over the shoulder of a professional bug hunter in action.