Secure Coding Books
From SecurityForest
Writing Secure Code
Name: Writing Secure Code
Authors: Michael Howard, David C. LeBlanc
Publisher: Microsoft Press; 2nd edition (December 4, 2002)
Pages: 650
ISBN: 0735617228
Description: Keep black-hat hackers at bay with the tips and techniques in this entertaining, eye-opening book! Developers will learn how to padlock their applications throughout the entire development process—from designing secure applications to writing robust code that can withstand repeated attacks to testing applications for security flaws. Easily digested chapters reveal proven principles, strategies, and coding techniques. The authors—two battle-scarred veterans who have solved some of the industry’s toughest security problems—provide sample code in several languages. This edition includes updated information about threat modeling, designing a security process, international issues, file-system issues, adding privacy to applications, and performing security code reviews. It also includes enhanced coverage of buffer overruns, Microsoft® .NET security, and Microsoft ActiveX® development, plus practical checklists for developers, testers, and program managers.
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/0735617228/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)
Secure Coding
Name: Secure Coding : Principles and Practices
Authors: Mark G. Graff, Kenneth R. Van Wyk
Publisher: O'Reilly; 1st edition (July, 2003)
Pages: 200
ISBN: 0596002424
Description: Despite their myriad manifestations and different targets, nearly all attacks on computer systems have one fundamental cause: the code used to run far too many systems today is not secure. Flaws in its design, implementation, testing, and operations allow attackers all-too-easy access. Secure Coding, by Mark G. Graff and Ken vanWyk, looks at the problem of bad code in a new way. Packed with advice based on the authors' decades of experience in the computer security field, this concise and highly readable book explains why so much code today is filled with vulnerabilities, and tells readers what they must do to avoid writing code that can be exploited by attackers. Beyond the technical, Secure Coding sheds new light on the economic, psychological, and sheer practical reasons why security vulnerabilities are so ubiquitous today. It presents a new way of thinking about these vulnerabilities and ways that developers can compensate for the factors that have produced such unsecured software in the past. It issues a challenge to all those concerned about computer security to finally make a commitment to building code the right way.
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/0596002424/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)
Secure Programming Cookbook for C and C++
Name: Secure Programming Cookbook for C and C++
Authors: John Viega, Matt Messier
Publisher: O'Reilly; 1st edition (July 14, 2003)
Pages: 790
ISBN: 0596003943
Description: Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code. It contains a wealth of solutions to problems faced by those who care about the security of their applications. It covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering. The rich set of code samples provided in the book's more than 200 recipes will help programmers secure the C and C++ programs they write for both Unix® (including Linux®) and Windows® environments. The book's web site supplements the book by providing a place to post new recipes, including those written in additional languages like Perl, Java, and Python. Monthly prizes will reward the best recipes submitted by readers. The Secure Programming Cookbook for C and C++ is destined to become an essential part of any developer's library, a code companion developers will turn to again and again as they seek to protect their systems from attackers and reduce the risks they face in today's dangerous world.
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/0596003943/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)
Building Secure Software
Name: Building Secure Software : How to Avoid Security Problems the Right Way
Authors: John Viega, Gary McGraw
Publisher: Addison-Wesley Pub Co; 1st edition (September 24, 2001)
Pages: 528
ISBN: 020172152X
Description: Though they include low-level detail that is most applicable to programmers, Viega and McGraw address anyone involved in software development from managers to coders. They explain how to build security into software at its very beginning. They refer readers to the many other appropriate works for information on how to implement security measures on software and systems that already exist.
For more information or to buy this book from Amazon (http://www.amazon.com/exec/obidos/ASIN/020172152X/securityfores-20?dev-t=mason-wrapper%26camp=2025%26link_code=xm2)




