
| Subject: | RE: Any details on this book? |
|---|---|
| Date: | Mon, 23 Aug 2004 11:34:56 -0700 |

The book project is temporarily on ice, basically because all of its authors (myself included) are too busy assessing applications to also produce a high-quality book on a concurrent, controlled schedule. Of course, it's in the career interests of the authors to get published, so it's only a matter of time before the project is thawed out.

In the mean time, some of the material originally intended for the book has been published in this month's issue of aspnetPRO magazine:

www.aspnetpro.com (see the article about the "One-Click Attack")

- Eric

-----Original Message-----
From: Mads Rasmussen [mailto:mads@opencs.com.br]
Sent: Wednesday, July 07, 2004 10:28 AM
To: Webappsec List
Subject: Any details on this book?

Maybe Michael Howard can shed more light on the contents of this upcoming (August according to Amazon) book:

(the microsoft link for the book doesn't work though and searching for it at microsoft doesn't bring any meaningful results)

http://cyberforge.com/weblog/aniltj/archive/2003/11/15/167.aspx

Web Application Security Assessment
http://www.microsoft.com/MSPress/books/7194.asp

Examine Microsoft's structured methodology for reviewing Web applications for security bugs-from design to deployment-and apply proven practices and code to your own development efforts. Now you can benefit from the many lessons Microsoft has learned about testing Web applications for security bugs. A must-have reference for every Web developer and tester, this book presents a comprehensive, structured methodology for identifying and addressing the most common, real-world security issues for Web applications throughout the development process.

Written by the principal, front-line Web security assessment team at Microsoft, this guide walks you through each of the critical stages for effective security testing, including designing for and assessing security features; identifying security vulnerabilities and executing the assessment; and enhancing infrastructure security before application deployment, including best practices for locking down Microsoft® Windows Server™ 2003, Microsoft Internet Information Services (IIS), and Microsoft SQL Server. Get the entire book's sample code via the Web-and easily apply this expert author team's techniques and tools to your own programs.

--
Mads Rasmussen, M.Sc.
Open Communications Security
www.opencs.com.br
+55 11 3345 2525