It also works beautifully with other open source tools, such as the MySQL database and the Apache web server. However, as more web sites are developed in PHP, they become targets for malicious attackers, and developers need to prepare for the attacks.Security is an issue that demands attention, given the growing frequency of attacks on web sites. Essential PHP Security explains the most common types of attacks and how to write code that isn't susceptible to them. By examining specific attacks and the techniques used to protect against them, you will have a deeper understanding and appreciation of the safeguards you are about to learn in this book.In the much-needed (and highly-requested) Essential PHP Security, each chapter covers an aspect of a web application (such as form processing, database programming, session management, and authentication). Chapters describe potential attacks with examples and then explain techniques to help you prevent those attacks.Topics covered include:Preventing cross-site scripting (XSS) vulnerabilitiesProtecting against SQL injection attacksComplicating session hijacking attemptsYou are in good hands with author Chris Shiflett, an internationally-recognized expert in the field of PHP security. Shiflett is also the founder and President of Brain Bulb, a PHP consultancy that offers a variety of services to clients around the world.

    Cassandra: The Definitive Guide provides the technical details and practical examples you need to assess this database management system and put it to work in a production environment.Author Eben Hewitt demonstrates the advantages of Cassandra's nonrelational design, and pays special attention to data modeling. If you're a developer, DBA, application architect, or manager looking to solve a database scaling issue or future-proof your application, this guide shows you how to harness Cassandra's speed and flexibility.Understand the tenets of Cassandra's column-oriented structureLearn how to write, update, and read Cassandra dataDiscover how to add or remove nodes from the cluster as your application requiresExamine a working application that translates from a relational model to Cassandra's data modelUse examples for writing clients in Java, Python, and C#Use the JMX interface to monitor a cluster's usage, memory patterns, and moreTune memory settings, data storage, and caching for better performance

    This book draws on material Michael created for his renowned Object Mentor seminars, techniques Michael has used in mentoring to help hundreds of developers, technical managers, and testers bring their legacy systems under control. The topics covered include: Understanding the mechanics of software change, adding features, fixing bugs, improving design, optimizing performance Getting legacy code into a test harness Writing tests that protect you against introducing new problems Techniques that can be used with any language or platform, with examples in Java, C++, C, and C# Accurately identifying where code changes need to be made Coping with legacy systems that aren't object-oriented Handling applications that don't seem to have any structureThis book also includes a catalog of twenty-four dependency-breaking techniques that help you work with program elements in isolation and make safer changes.

    It presents a learning journey, not definitive guidance. It describes the experiences of a development team with no prior CQRS proficiency in building, deploying (to Windows Azure), and maintaining a sample real-world, complex, enterprise system to showcase various CQRS and ES concepts, challenges, and techniques.The development team did not work in isolation; we actively sought input from industry experts and from a wide group of advisors to ensure that the guidance is both detailed and practical.The CQRS pattern and event sourcing are not mere simplistic solutions to the problems associated with large-scale, distributed systems. By providing you with both a working application and written guidance, we expect you’ll be well prepared to embark on your own CQRS journey.

    It illustrates little-known features and techniques for getting the most from the Tableau toolset, supporting the needs of the business analysts who use the product as well as the data and IT managers who support it.This comprehensive guide covers the core feature set for data analytics, illustrating best practices for creating and sharing specific types of dynamic data visualizations. Featuring a helpful full-color layout, the book covers analyzing data with Tableau Desktop, sharing information with Tableau Server, understanding Tableau functions and calculations, and Use Cases for Tableau Software.Includes little-known, as well as more advanced features and techniques, using detailed, real-world case studies that the author has developed as part of his consulting and training practice Explains why and how Tableau differs from traditional business information analysis tools Shows you how to deploy dashboards and visualizations throughout the enterprise Provides a detailed reference resource that is aimed at users of all skill levels Depicts ways to leverage Tableau across the value chain in the enterprise through case studies that target common business requirements Endorsed by Tableau Software Tableau Your Data shows you how to build dynamic, best-of-breed visualizations using the Tableau Software toolset.

    Darrell Huff runs the gamut of every popularly used type of statistic, probes such things as the sample study, the tabulation method, the interview technique, or the way the results are derived from the figures, and points up the countless number of dodges which are used to fool rather than to inform.

    Now, two science professors give us the tools to dismantle misinformation and think clearly in a world of fake news and bad data.It's increasingly difficult to know what's true. Misinformation, disinformation, and fake news abound. Our media environment has become hyperpartisan. Science is conducted by press release. Startup culture elevates bullshit to high art. We are fairly well equipped to spot the sort of old-school bullshit that is based in fancy rhetoric and weasel words, but most of us don't feel qualified to challenge the avalanche of new-school bullshit presented in the language of math, science, or statistics. In Calling Bullshit, Professors Carl Bergstrom and Jevin West give us a set of powerful tools to cut through the most intimidating data.You don't need a lot of technical expertise to call out problems with data. Are the numbers or results too good or too dramatic to be true? Is the claim comparing like with like? Is it confirming your personal bias? Drawing on a deep well of expertise in statistics and computational biology, Bergstrom and West exuberantly unpack examples of selection bias and muddled data visualization, distinguish between correlation and causation, and examine the susceptibility of science to modern bullshit.We have always needed people who call bullshit when necessary, whether within a circle of friends, a community of scholars, or the citizenry of a nation. Now that bullshit has evolved, we need to relearn the art of skepticism.

    Rich Stevens describes more than 200 system calls and functions; since he believes the best way to learn code is to read code, a brief example accompanies each description.Building upon information presented in the first 15 chapters, the author offers chapter-long examples teaching you how to create a database library, a PostScript printer driver, a modem dialer, and a program that runs other programs under a pseudo terminal. To make your analysis and understanding of this code even easier, and to allow you to modify it, all of the code in the book is available via UUNET.A 20-page appendix provides detailed function prototypes for all the UNIX, POSIX, and ANSI C functions that are described in the book, and lists the page on which each prototype function is described in detail. Additional tables throughout the text and a thorough index make Advanced Programming in the UNIX Environment an invaluable reference tool that all UNIX programmers - beginners to experts - w

    But few of us realize just how many oversights, biases, and downright ethical nightmares are baked inside the tech products we use every day. It’s time we change that.In Technically Wrong, Sara Wachter-Boettcher demystifies the tech industry, leaving those of us on the other side of the screen better prepared to make informed choices about the services we use—and to demand more from the companies behind them.

    Authors Tomasz Tunguz and Frank Bien draw on extensive background in big data, business intelligence, and business strategy to provide a blueprint for companies looking to move head-on into the data wave. Instrumentation is discussed in detail, but the core of the change is in the culture—this book provides sound guidance on building the type of organizational culture that creates and leverages data daily, in every aspect of the business. Real-world examples illustrate these important concepts at work: you'll learn how data helped Warby-Parker disrupt a $13 billion monopolized market, how ThredUp uses data to process more than 20 thousand items of clothing every day, how Venmo leverages data to build better products, how HubSpot empowers their salespeople to be more productive, and more. From decision making and strategy to shipping and sales, this book shows you how data makes better business. Big data has taken on buzzword status, but there is little real guidance for companies seeking everyday business data solutions. This book takes a deeper look at big data in business, and shows you how to shift internal culture ahead of the curve. Understand the changes a data culture brings to companies Instrument your company for maximum benefit Utilize data to optimize every aspect of your business Improve decision making and transform business strategy Big data is becoming the number-one topic in business, yet no one is asking the right questions. Leveraging the full power of data requires more than good IT—organization-wide buy-in is essential for long-term success. Winning with Data is the expert guide to making data work for your business, and your needs.

    Because almost every aspect of an enterprise is now dependent on technology, the focus of IT security must shift from locking down assets to enabling the business while managing and surviving risk. This compact book discusses business risk from a broader perspective, including privacy and regulatory considerations. It describes the increasing number of threats and vulnerabilities, but also offers strategies for developing solutions. These include discussions of how enterprises can take advantage of new and emerging technologies—such as social media and the huge proliferation of Internet-enabled devices—while minimizing risk. With ApressOpen, content is freely available through multiple online distribution channels and electronic formats with the goal of disseminating professionally edited and technically reviewed content to the worldwide community. Here are some of the responses from reviewers of this exceptional work: “Managing Risk and Information Security is a perceptive, balanced, and often thought-provoking exploration of evolving information risk and security challenges within a business context.  Harkins clearly connects the needed, but often-overlooked linkage and dialog between the business and technical worlds and offers actionable strategies.   The book contains eye-opening security insights that are easily understood, even by the curious layman.” Fred Wettling, Bechtel Fellow, IS&T Ethics & Compliance Officer, Bechtel     “As disruptive technology innovations and escalating cyber threats continue to create enormous information security challenges, Managing Risk and Information Security: Protect to Enable provides a much-needed perspective. This book compels information security professionals to think differently about concepts of risk management in order to be more effective. The specific and practical guidance offers a fast-track formula for developing information security strategies which are lock-step with business priorities.” Laura Robinson, Principal, Robinson Insight Chair, Security for Business Innovation Council (SBIC) Program Director, Executive Security Action Forum (ESAF) “The mandate of the information security function is being completely rewritten. Unfortunately most heads of security haven’t picked up on the change, impeding their companies’ agility and ability to innovate. This book makes the case for why security needs to change, and shows how to get started. It will be regarded as marking the turning point in information security for years to come.” Dr. Jeremy Bergsman, Practice Manager, CEB     “The world we are responsible to protect is changing dramatically and at an accelerating pace. Technology is pervasive in virtually every aspect of our lives. Clouds, virtualization and mobile are redefining computing – and they are just the beginning of what is to come. Your security perimeter is defined by wherever your information and people happen to be.

    Advocates of NoSQL databases claim they can be used to build systems that are more performant, scale better, and are easier to program." ""NoSQL Distilled" is a concise but thorough introduction to this rapidly emerging technology. Pramod J. Sadalage and Martin Fowler explain how NoSQL databases work and the ways that they may be a superior alternative to a traditional RDBMS. The authors provide a fast-paced guide to the concepts you need to know in order to evaluate whether NoSQL databases are right for your needs and, if so, which technologies you should explore further. The first part of the book concentrates on core concepts, including schemaless data models, aggregates, new distribution models, the CAP theorem, and map-reduce. In the second part, the authors explore architectural and design issues associated with implementing NoSQL. They also present realistic use cases that demonstrate NoSQL databases at work and feature representative examples using Riak, MongoDB, Cassandra, and Neo4j. In addition, by drawing on Pramod Sadalage's pioneering work, "NoSQL Distilled" shows how to implement evolutionary design with schema migration: an essential technique for applying NoSQL databases. The book concludes by describing how NoSQL is ushering in a new age of Polyglot Persistence, where multiple data-storage worlds coexist, and architects can choose the technology best optimized for each type of data access.

    It used to be that to diagnose an illness, interpret legal documents, analyze foreign policy, or write a newspaper article you needed a human being with specific skills—and maybe an advanced degree or two. These days, high-level tasks are increasingly being handled by algorithms that can do precise work not only with speed but also with nuance. These “bots” started with human programming and logic, but now their reach extends beyond what their creators ever expected. In this fascinating, frightening book, Christopher Steiner tells the story of how algorithms took over—and shows why the “bot revolution” is about to spill into every aspect of our lives, often silently, without our knowledge. The May 2010 “Flash Crash” exposed Wall Street’s reliance on trading bots to the tune of a 998-point market drop and $1 trillion in vanished market value. But that was just the beginning. In Automate This, we meet bots that are driving cars, penning haiku, and writing music mistaken for Bach’s. They listen in on our customer service calls and figure out what Iran would do in the event of a nuclear standoff. There are algorithms that can pick out the most cohesive crew of astronauts for a space mission or identify the next Jeremy Lin. Some can even ingest statistics from baseball games and spit out pitch-perfect sports journalism indistinguishable from that produced by humans. The interaction of man and machine can make our lives easier. But what will the world look like when algorithms control our hospitals, our roads, our culture, and our national security? What hap­pens to businesses when we automate judgment and eliminate human instinct? And what role will be left for doctors, lawyers, writers, truck drivers, and many others?  Who knows—maybe there’s a bot learning to do your job this minute.

    

    More than three years in development and subjected to numerous industry reviews, the 85 patterns in this full-color book provide the most successful and proven design techniques to overcoming the most common and critical problems to achieving modern-day SOA. Through numerous examples, individually documented pattern profiles, and over 400 color illustrations, this book provides in-depth coverage of:• Patterns for the design, implementation, and governance of service inventories–collections of services representing individual service portfolios that can be independently modeled, designed, and evolved.• Patterns specific to service-level architecture which pertain to a wide range of design areas, including contract design, security, legacy encapsulation, reliability, scalability, and a variety of implementation and governance issues.• Service composition patterns that address the many aspects associated with combining services into aggregate distributed solutions, including topics such as runtime messaging and message design, inter-service security controls, and transformation.• Compound patterns (such as Enterprise Service Bus and Orchestration) and recommended pattern application sequences that establish foundational processes. The book begins by establishing SOA types that are referenced throughout the patterns and then form the basis of a final chapter that discusses the architectural impact of service-oriented computing in general. These chapters bookend the pattern catalog to provide a clear link between SOA design patterns, the strategic goals of service-oriented computing, different SOA types, and the service-orientation design paradigm.This book series is further supported by a series of resources sites, including soabooks.com, soaspecs.com, soapatterns.org, soamag.com, and soaposters.com.