RE: My review of 19 Sins

["Michael Howard" <mikehow () microsoft com>]

I'm still awaiting my copies :(

[19 Deadly Sins]
http://books.mcgraw-hill.com/getbook.php?isbn=0072260858
[Writing Secure Code] http://www.microsoft.com/mspress/books/5957.asp 
[Blog] http://blogs.msdn.com/michael_howard
[SDL] http://msdn.microsoft.com/security/sdl 

-----Original Message-----
From: Andrew van der Stock [mailto:vanderaj () greebo net] 
Sent: Thursday, July 28, 2005 3:49 PM
To: webappsec () securityfocus com
Subject: My review of 19 Sins

Hi there,

Here's my review of the 19 Sins.

http://www.greebo.net/review_19sins.html

I was expecting Writing Secure Code++, and instead we got (in my  
view) the Top 19 of circa 2004.

Please take this on board when you read my review - it's a great book  
for PHP, Java and .NET programmers who want to reduce the risk of  
their application generally, or if you need to explain why you want  
to fix something to your boss (the book is clear and well written),  
but it's no Writing Secure Code.

Does anyone else have any reviews? I am distinctly biased (although I  
tried to be objective), so I'd love to hear about other reviews as well.

thanks,
Andrew