Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography!Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies.Systems security managers, you'll find tools and a framework for structured thinking about what can go wrong. Software developers, you'll appreciate the jargon-free and accessible introduction to this essential skill. Security professionals, you'll learn to discern changing threats and discover the easiest ways to adopt a structured approach to threat modeling.Provides a unique how-to for security and software developers who need to design secure products and systems and test their designs Explains how to threat model and explores various threat modeling approaches, such as asset-centric, attacker-centric and software-centric Provides effective approaches and techniques that have been proven at Microsoft and elsewhere Offers actionable how-to advice not tied to any specific software, operating system, or programming language Authored by a Microsoft professional who is one of the most prominent threat modeling experts in the world As more software is delivered on the Internet or operates on Internet-connected devices, the design of secure software is absolutely critical. Make sure you're ready with Threat Modeling: Designing for Security.

    A whole generation was introduced to object technology through the first edition of this book. This long-awaited new edition retains the qualities of clarity, practicality and scholarship that made the first an instant bestseller, but has been thoroughly revised and expanded.Among the new topics covered in depth are: concurrency, distribution, client/server and the Internet, object-oriented databases, design by contract, fundamental design patterns, finding classes, the use and misuse of inheritance, abstract data types, and typing issues. The book also includes completely updated discussions of reusability, modularity, software quality, object-oriented languages, memory management, and many other essential topics.

    More than four dozen architects -- including Neal Ford, Michael Nygard, and Bill de hOra -- offer advice for communicating with stakeholders, eliminating complexity, empowering developers, and many more practical lessons they've learned from years of experience. Among the 97 principles in this book, you'll find useful advice such as:Don't Put Your Resume Ahead of the Requirements (Nitin Borwankar) Chances Are, Your Biggest Problem Isn't Technical (Mark Ramm) Communication Is King; Clarity and Leadership, Its Humble Servants (Mark Richards) Simplicity Before Generality, Use Before Reuse (Kevlin Henney) For the End User, the Interface Is the System (Vinayak Hegde) It's Never Too Early to Think About Performance (Rebecca Parsons) To be successful as a software architect, you need to master both business and technology. This book tells you what top software architects think is important and how they approach a project. If you want to enhance your career, 97 Things Every Software Architect Should Know is essential reading.

    But you don't need to commit every XML syntax, API, or XSLT transformation to memory; you only need to know where to find it. And if it's a detail that has to do with XML or its companion standards, you'll find it--clear, concise, useful, and well-organized--in the updated third edition of XML in a Nutshell.With XML in a Nutshell beside your keyboard, you'll be able to: Quick-reference syntax rules and usage examples for the core XML technologies, including XML, DTDs, Xpath, XSLT, SAX, and DOM Develop an understanding of well-formed XML, DTDs, namespaces, Unicode, and W3C XML Schema Gain a working knowledge of key technologies used for narrative XML documents such as web pages, books, and articles technologies like XSLT, Xpath, Xlink, Xpointer, CSS, and XSL-FO Build data-intensive XML applications Understand the tools and APIs necessary to build data-intensive XML applications and process XML documents, including the event-based Simple API for XML (SAX2) and the tree-oriented Document Object Model (DOM) This powerful new edition is the comprehensive XML reference. Serious users of XML will find coverage on just about everything they need, from fundamental syntax rules, to details of DTD and XML Schema creation, to XSLT transformations, to APIs used for processing XML documents. XML in a Nutshell also covers XML 1.1, as well as updates to SAX2 and DOM Level 3 coverage. If you need explanation of how a technology works, or just need to quickly find the precise syntax for a particular piece, XML in a Nutshell puts the information at your fingertips.Simply put, XML in a Nutshell is the critical, must-have reference for any XML developer.

    Sipser's candid, crystal-clear style allows students at every level to understand and enjoy this field. His innovative "proof idea" sections explain profound concepts in plain English. The new edition incorporates many improvements students and professors have suggested over the years, and offers updated, classroom-tested problem sets at the end of each chapter.

    unsigned numbers- Floating point and fixed point arithmeticThis short, easily understood book will quickly get you thinking like a programmer.

    Unfortunately, developers are creating mountains of unmaintainable tests as a side effect. I've been fighting the maintenance battle pretty aggressively for years, and this book captures the what I believe is the most effective way to test.This book details my strong opinions on the best way to test, while acknowledging alternative styles and various contexts in which tests are written. Whether you prefer my style or not, this book will help you write better Unit and Functional Tests.

    If you're working with a relational database--whether you're writing applications, performing administrative tasks, or generating reports--you need to know how to interact with your data. Even if you are using a tool that generates SQL for you, such as a reporting tool, there may still be cases where you need to bypass the automatic generation feature and write your own SQL statements.To help you attain this fundamental SQL knowledge, look to "Learning SQL," an introductory guide to SQL, designed primarily for developers just cutting their teeth on the language."Learning SQL" moves you quickly through the basics and then on to some of the more commonly used advanced features. Among the topics discussed: The history of the computerized databaseSQL Data Statements--those used to create, manipulate, and retrieve data stored in your database; example statements include select, update, insert, and deleteSQL Schema Statements--those used to create database objects, such as tables, indexes, and constraintsHow data sets can interact with queriesThe importance of subqueriesData conversion and manipulation via SQL's built-in functionsHow conditional logic can be used in Data StatementsBest of all, "Learning SQL" talks to you in a real-world manner, discussing various platform differences that you're likely to encounter and offering a series of chapter exercises that walk you through the learning process. Whenever possible, the book sticks to the features included in the ANSI SQL standards. This means you'll be able to apply what you learn to any of several different databases; the book covers MySQL, Microsoft SQL Server, and Oracle Database, but the features and syntax should apply just as well (perhaps with some tweaking) to IBM DB2, Sybase Adaptive Server, and PostgreSQL.Put the power and flexibility of SQL to work. With "Learning SQL" you can master this important skill and know that the SQL statements you write are indeed correct.

    Since the last edition of this book appeared five years ago, there has been a major climate change with regard to web standards. Designers are no longer using (X)HTML as a design tool, but as a means of defining the meaning and structure of content. Cascading Style Sheets are no longer just something interesting to tinker with, but rather a reliable method for handling all matters of presentation, from fonts and colors to the layout of the entire page. In fact, following the standards is now a mandate of professional web design.Our popular reference, Web Design in a Nutshell, is one of the first books to capture this new web landscape with an edition that's been completely rewritten and expanded to reflect the state of the art. In addition to being an authoritative reference for (X)HTML and Cascading Style Sheets, this book also provides an overview of the unique requirements of designing for the Web and gets to the nitty-gritty of JavaScript and DOM Scripting, web graphics optimization, and multimedia production. It is an indispensable tool for web designers and developers of all levels.The third edition covers these contemporary web design topics:Structural layer: HTML 4.01 and XHTML 1.0 (9 chapters), including an alphabetical reference of all elements, attributes and character entities Presentation layer: Ten all-new chapters on Cascading Style Sheets, Level 2.1, including an alphabetical reference of all properties and values. Behavior layer: JavaScript and scripting with the Document Object Model (DOM) Web environment: New web standards, browsers, display devices, accessibility, and internationalization Web graphics optimization: Producing lean and mean GIF, JPEG, PNG, and animated GIFs Multimedia: Web audio, video, Flash, and PDFOrganized so that readers can find answers quickly, Web Design in a Nutshell, Third Edition helps experienced designers come up to speed quickly on standards-based web design, and serves as a quick reference for those already familiar with the new standards and technology. There are many books for web designers, but none that address such a wide variety of topics. Find out why nearly half a million buyers have made this the most popular web design book available.

    Scripting is a way to harness and customize the power of any Unix system, and it's an essential skill for any Unix users, including system administrators and professional OS X developers. But beneath this simple promise lies a treacherous ocean of variations in Unix commands and standards.bash Cookbook teaches shell scripting the way Unix masters practice the craft. It presents a variety of recipes and tricks for all levels of shell programmers so that anyone can become a proficient user of the most common Unix shell -- the bash shell -- and cygwin or other popular Unix emulation packages. Packed full of useful scripts, along with examples that explain how to create better scripts, this new cookbook gives professionals and power users everything they need to automate routine tasks and enable them to truly manage their systems -- rather than have their systems manage them.

     Rails(TM) AntiPatterns identifies these widespread Rails code and design problems, explains why they're bad and why they happen--and shows exactly what to do instead.The book is organized into concise, modular chapters--each outlines a single common AntiPattern and offers detailed, cookbook-style code solutions that were previously difficult or impossible to find. Leading Rails developers Chad Pytel and Tammer Saleh also offer specific guidance for refactoring existing bad code or design to reflect sound object-oriented principles and established Rails best practices. With their help, developers, architects, and testers can dramatically improve new and existing applications, avoid future problems, and establish superior Rails coding standards throughout their organizations.This book will help you understand, avoid, and solve problems withModel layer code, from general object-oriented programming violations to complex SQL and excessive redundancy Domain modeling, including schema and database issues such as normalization and serialization View layer tools and conventions Controller-layer code, including RESTful code Service-related APIs, including timeouts, exceptions, backgrounding, and response codes Third-party code, including plug-ins and gems Testing, from test suites to test-driven development processes Scaling and deployment Database issues, including migrations and validations System design for "graceful degradation" in the real world

    The problems are challenging, well-motivated, and accessible. They are representative of the questions asked at interviews at the most exciting companies.The book begins with a summary of patterns for data structure, algorithms, and problem solving that will help you solve the most challenging interview problems. This is followed by chapters on basic and advanced data structures, algorithm design, concurrency, system design, probability and discrete mathematics. Each chapter starts with a brief review of key concepts and results followed by a deep and wide set of questions.EPI concludes with a summary of the nontechnical aspects of interviewing, including common mistakes, strategies for a great interview, perspectives from across the table, negotiating the best offer, and much more."This book is the best compilation of programming related problems I have seen. It is a great resource for a diverse set of topics when preparing for technical interviews, as a quick refresher in a subject area or when you are just looking for a brain teaser to challenge yourself." Shashank Gupta / Scaligent, formerly Engineering Manager, Amazon.com, Senior Engineering Manager, Yahoo!, Manager of Software Development, Cisco Systems

    "This book is a guide to how we do product development at Basecamp. It’s also a toolbox full of techniques that you can apply in your own way to your own process.Whether you’re a founder, CTO, product manager, designer, or developer, you’re probably here because of some common challenges that all software companies have to face."