AnyBook4Less.com	Find the Best Price on the Web Order from a Major Online Bookstore
Home  |  Store List  |  FAQ  |  Contact Us  |
Ultimate Book Price Comparison Engine Save Your Time And Money Keyword AuthorISBN

Title: Secure Coding: Principles and Practices by Mark G. Graff, Kenneth R. Van Wyk ISBN: 0-596-00242-4 Publisher: O'Reilly & Associates Pub. Date: July, 2003 Format: Paperback Volumes: 1 List Price(USD): $29.95

Your Country USA Canada United Kingdom Australia Austria Belgium France Germany Italy Netherlands Switzerland Currency AutoUSD CAD GBP EUR AUD CHF Delivery Only cheapest delivery All delivery options Include Used Books Are you a club member of: Barnes and Noble Books A Million Chapters.Indigo.ca

Average Customer Rating: 4.42 (12 reviews)

Rating: 4
Summary: Required reading for programmers serious about security
Comment: In the movie Seabiscuit, the titular racehorse doesn't appear on screen until almost an hour into the movie. Nevertheless, the wait is worth it, and the movie was a blockbuster. While no one would confuse this uplifting Depression-era tale with a book on computer code, Secure Coding shares a basic similarity with Seabiscuit: The former doesn't trot out its subject--an actual piece of software code--until page 76, and the result is outstanding nonetheless.

The similarity ends there. While moviegoers eagerly awaited Seabiscuit's appearance, security professionals might well dread the first appearance of code. Refreshingly, the book contains only seven pages of software code.

Similarly themed books spend most of their time in the nitty-gritty of actual code. This one is a horse of a different color, dealing with what needs to be done before the first line of software code is actually written. With the goal of helping developers create applications that are resilient against attacks, the authors develop the book around three categories of software development: architecture and design, implementation, and operations.

Above and beyond technical aspects of software development, the authors describe how serious security vulnerabilities leak into the software-development process. These include ignorance, psychological issues, and the short time spans allotted to the development process.

This book is a sure bet to help developers and project managers create secure software applications without bogging down in specific code.

Rating: 5
Summary: Van Wyk and Graff deliver the playbook for Security
Comment: Ken and Mark have written the playbook for writing secure code. The book focuses on security principles and doesn't use complicated code-based examples to explain these essential security practices. The authors use very easy-to-understand examples that help to illustrate the security principles they discuss.

Step-by-step, they take readers through the levels of security from the initial architecture right through to the QA process. These practices and examples are not the product of reading what someone else wrote and regurgitating it in another form (as so often security publications are these days) but rather the product of experience, and mistakes. That is truly where this book's value rests.

This book is truly a triumph in security. With a combination of good examples and well thought-out text, this book is a must read.

My only criticism of the book is that people might dismiss it as a coder's guide books by the title. The book is not just for coders, its for anyone involved in anyway with computer security.

Rating: 5
Summary: much-needed and indispensable
Comment: This is an excellent book that should be read by all software developers, script writers, system administrators, application designers, and system maintainers. The book is short, to-the-point, and hits the important points as well as giving numerous real-world examples. It is easy to read, and not dependent on any specific software life cycle model or methodology--though it brings home the point that if you aren't following such a process, you'd do well to implement one. This is a must-read and must-refer-to book that no organization that uses customized software or develops software in-house should be
without.

Similar Books:

	Title: Secure Programming Cookbook for C and C++ by John Viega, Matt Messier ISBN: 0596003943 Publisher: O'Reilly & Associates Pub. Date: 14 July, 2003 List Price(USD): $49.95
	Title: Writing Secure Code, Second Edition by Michael Howard, David C. LeBlanc ISBN: 0735617228 Publisher: Microsoft Press Pub. Date: 04 December, 2002 List Price(USD): $49.99
	Title: Building Secure Software: How to Avoid Security Problems the Right Way by John Viega, Gary McGraw ISBN: 020172152X Publisher: Addison-Wesley Pub Co Pub. Date: 24 September, 2001 List Price(USD): $54.99
	Title: Security Warrior by Cyrus Peikari, Anton Chuvakin ISBN: 0596005458 Publisher: O'Reilly & Associates Pub. Date: 01 February, 2004 List Price(USD): $44.95
	Title: Beyond Fear: Thinking Sensibly About Security in an Uncertain World by Bruce Schneier ISBN: 0387026207 Publisher: Copernicus Books Pub. Date: September, 2003 List Price(USD): $25.00