Testing Web Security: Assessing the Security of Web Sites and Applications
Résumé
Protect your company's Web site from hack attacks with this guide to proven security-testing techniques
It's only a matter of time before an unscrupulous would-be intruder decides to attack your organization's Web site. If they're successful, you could lose confidential customer information, intellectual property, or e-commerce revenue. Fortunately, this unique book describes a set of security tests that you can perform to ensure your Web site is hack-resistant. Web testing expert Steven Splaine offers a straightforward, easy-to-follow approach to security testing that can be used to check your Web site's vulnerabilities. Through examples and dozens of testing checklists, you'll learn how to develop and document a test plan to test the security of a Web site and conduct a risk analysis to help determine which tests should be given the highest priority.
Following a straightforward, accessible approach, this book will take you step-by-step through the process of testing the security of your Web sites and applications. Whether you're a software tester, system administrator, developer, manager, Web master, or security engineer, you'll find valuable information on how to use testing as a security measure. In this informative book, Steven Splaine covers:
- Planning the security testing effort: strategies, teams, and tools
- How to define the scope of the project
- Testing network security and system software configurations
- Checking for security vulnerabilities in Web applications
- Evaluating how well-prepared an organization is against assailants who use social engineering, dumpster diving, inside accomplices, or physical methods of attack
- The unique challenges of testing defenses designed to confuse an intruder
- Using a risk analysis to focus the testing effort on the areas that present the greatest threats to the organization
Contents
Part One An Introduction to the Book- Introduction
- Test Planning
- Network Security
- System Software Security
- Client-Side Application Security
- Sneak Attacks: Guarding against the Less-Thought-of Security Threats
- Intruder Confusion, Detection, and Response
- Assessment and Penetration Options
- Risk Analysis
- Epilogue
- Appendix A An Overview of Network Protocols, Addresses, and Devices
- Appendix B SANS Institute Top 20 Critical Internet Security Vulnerabilities
- Appendix C Test-Deliverable Templates
L'auteur - Steven Splaine
STEVEN SPLAINE is a chartered software engineer with
more than twenty years of experience in project management,
software testing, and product development. He is a regular
speaker at software testing conferences and lead author of
The Web Testing Handbook.
Caractéristiques techniques
| PAPIER | |
| Éditeur(s) | Wiley |
| Auteur(s) | Steven Splaine |
| Parution | 16/12/2002 |
| Nb. de pages | 360 |
| Format | 19 x 23,5 |
| Couverture | Broché |
| Poids | 628g |
| Intérieur | Noir et Blanc |
| EAN13 | 9780471232810 |
| ISBN13 | 978-0-471-23281-0 |
Avantages Eyrolles.com
Nouveautés "Sécurité internet"
Consultez aussi
- Les meilleures ventes en Graphisme & Photo
- Les meilleures ventes en Informatique
- Les meilleures ventes en Construction
- Les meilleures ventes en Entreprise & Droit
- Les meilleures ventes en Sciences
- Les meilleures ventes en Littérature
- Les meilleures ventes en Arts & Loisirs
- Les meilleures ventes en Vie pratique
- Les meilleures ventes en Voyage et Tourisme
- Les meilleures ventes en BD et Jeunesse
- Informatique Informatique d'entreprise Sécurité
- Informatique Réseaux et télecommunications Ouvrages généraux
- Informatique Réseaux et télecommunications Protocoles et standards
- Informatique Réseaux et télecommunications Administration réseau
- Informatique Réseaux et télecommunications Sécurité réseau Sécurité internet
