WebApp Sec mailing list archives
RE: Any details on this book?
From: "Michael Howard" <mikehow () microsoft com>
Date: Thu, 8 Jul 2004 12:32:23 -0700
I just confirmed with friends in MSPress, the book is cancelled - bummer :( [Writing Secure Code 2nd Edition] http://www.microsoft.com/mspress/books/5957.asp [Protect Your PC] http://www.microsoft.com/protect [Blog] http://blogs.msdn.com/michael_howard [Annual Security Training] http://mste/training/offerings.asp?offeringid=7142 -----Original Message----- From: Mads Rasmussen [mailto:mads () opencs com br] Sent: Wednesday, July 07, 2004 10:28 AM To: Webappsec List Subject: Any details on this book? Maybe Michael Howard can shed more light on the contents of this upcoming (August according to Amazon) book: (the microsoft link for the book doesn't work though and searching for it at microsoft doesn't bring any meaningful results) http://cyberforge.com/weblog/aniltj/archive/2003/11/15/167.aspx Web Application Security Assessment http://www.microsoft.com/MSPress/books/7194.asp Examine Microsoft's structured methodology for reviewing Web applications for security bugs-from design to deployment-and apply proven practices and code to your own development efforts. Now you can benefit from the many lessons Microsoft has learned about testing Web applications for security bugs. A must-have reference for every Web developer and tester, this book presents a comprehensive, structured methodology for identifying and addressing the most common, real-world security issues for Web applications throughout the development process. Written by the principal, front-line Web security assessment team at Microsoft, this guide walks you through each of the critical stages for effective security testing, including designing for and assessing security features; identifying security vulnerabilities and executing the assessment; and enhancing infrastructure security before application deployment, including best practices for locking down Microsoft(r) Windows Server(tm) 2003, Microsoft Internet Information Services (IIS), and Microsoft SQL Server. Get the entire book's sample code via the Web-and easily apply this expert author team's techniques and tools to your own programs. -- Mads Rasmussen, M.Sc. Open Communications Security www.opencs.com.br +55 11 3345 2525
Current thread:
- Any details on this book? Mads Rasmussen (Jul 07)
- RE: Any details on this book? Eric Rachner (Aug 24)
- <Possible follow-ups>
- Re: Any details on this book? Mads Rasmussen (Jul 07)
- Re: Any details on this book? Mads Rasmussen (Jul 08)
- RE: Any details on this book? Michael Howard (Jul 08)