Hacking Exposed Web Applications, Third Edition: Edition 3
About this ebook
Protect your Web applications from malicious attacks by mastering the weapons and thought processes of today's hacker. Written by recognized security practitioners and thought leaders, Hacking Exposed Web Applications, Third Edition is fully updated to cover new infiltration methods and countermeasures. Find out how to reinforce authentication and authorization, plug holes in Firefox and IE, reinforce against injection attacks, and secure Web 2.0 features. Integrating security into the Web development lifecycle (SDL) and into the broader enterprise information security program is also covered in this comprehensive resource.
- Get full details on the hacker's footprinting, scanning, and profiling tools, including SHODAN, Maltego, and OWASP DirBuster
- See new exploits of popular platforms like Sun Java System Web Server and Oracle WebLogic in operation
- Understand how attackers defeat commonly used Web authentication technologies
- See how real-world session attacks leak sensitive data and how to fortify your applications
- Learn the most devastating methods used in today's hacks, including SQL injection, XSS, XSRF, phishing, and XML injection techniques
- Find and fix vulnerabilities in ASP.NET, PHP, and J2EE execution environments
- Safety deploy XML, social networking, cloud computing, and Web 2.0 services
- Defend against RIA, Ajax, UGC, and browser-based, client-side exploits
- Implement scalable threat modeling, code review, application scanning, fuzzing, and security testing procedures
Ratings and reviews
- Flag inappropriate
- Flag inappropriate
- Flag inappropriate
About the author
Author Profile
Joel Scambray, CISSP, is co-founder and CEO of Consciere, provider of strategic security advisory services. He has assisted companies ranging from newly minted startups to members of the Fortune 50 address information security challenges and opportunities for over a dozen years. Joel's background includes roles as an executive, technical consultant, and entrepreneur. He has been a Senior Director at Microsoft Corporation, where he led Microsoft's online services security efforts for three years before joining the Windows platform and services division to focus on security technology architecture. Joel also co-founded security software and services startup Foundstone Inc. and helped lead it to acquisition by McAfee for $86M. In 2007, he helped lead US-based Leviathan Security from start-up to well-recognized boutique security consultancy. He previously held positions as a Manager for Ernst & Young, security columnist for Microsoft TechNet, Editor at Large for InfoWorld Magazine, and Director of IT for a major commercial real estate firm. Joel is widely recognized as co-author of Hacking Exposed: Network Security Secrets & Solutions, the international best-selling computer security book that first appeared in 1999. He is also lead author of the Hacking Exposed: Windows and Hacking Exposed: Web Applications series. Joel brings deep experience in technology, IT operations security, and consulting to clients ranging from small startups to the world’s largest enterprises. He has spoken widely on information security at forums including Black Hat, I-4, and The Asia Europe Meeting (ASEM), as well as organizations including IANS, CERT, The Computer Security Institute (CSI), ISSA, ISACA, SANS, private corporations, and government agencies such as the Korean Information Security Agency (KISA), FBI, and the RCMP. Joel holds a BS from the University of California at Davis, a MA from UCLA, and he is a Certified Information Systems Security Professional (CISSP).
