How to Break Software Security [Paperback]

James A. Whittaker, Herbert H. Thompson
Product Description

How to Break Software Security describes the general problem of software security from a practical perspective and from a software tester's point of view. It defines prescriptive techniques (attacks that testers can use on their own software) that are designed to ferret out security vulnerabilities in software applications. The book's style is easy to read and provides readers with the techniques and advice to hunt down security bugs and see that they're destroyed before the software is released. Accompanying the book is a CD-ROM containing Holodeck, which tests for security vulnerabilities. There are also a number of bug-finding tools, freeware, and an easy-to-use port scanner included on the CD-ROM.

Customer Reviews

Average Customer Review
5.0 out of 5 stars (3 customer reviews)
 
 
 
 
Most helpful customer reviews

5.0 out of 5 stars Whittaker strikes again!, May 30 2004
The software community has been waiting for a book like this. It's an almost perfect intro to software security concepts. Again, Whittaker keeps it low in pages and words. In my opinion, the way books should be written (except ones purely theoretical).
Once again Whittaker's approach is hands-on examples. Even if some examples don't apply to modern software, the idea behind them is to get you thinking. I've applied the techniques in this book with extremely great results. Thanks James!


5.0 out of 5 stars Excellent continuation of Whittaker's earlier book, Mar 7 2004
By Mike Tarrani "Jazz Drummer" (Deltona, FL USA)
James Whittaker has taken the approach and the tools he introduced in "How to Break Software: A Practical Guide to Testing" (ISBN 0201796198), and has teamed with coauthor Herbert Thompson to adapt them to security testing. In this book the software under test (or attack, since that is the underlying approach) is primarily in the Microsoft environment. That the principles can be applied to any operating system or environment is evident in one scenario where Linux-based OpenOffice is attacked. The fault model provided early in the book can form the basis for any software test strategy with a goal to uncover and exploit vulnerabilities.

The approach itself is to create a plan, then systematically attack. The areas of vulnerability covered include unanticipated input scenarios (which, even after decades, is still an exposure in too many applications and operating systems), find and attack design flaws and implementation anomalies, and leave no potential vulnerability untested. Among these are the usual exposed ports and default names; however, there are exploits based on data, time stamping and other less common areas that are overlooked by testing professionals - and that is one of the main audiences of this book.

While the techniques and the approach in this book are sound, I would have liked the attacks presented as formal test cases, which would be more meaningful to the testing professionals who will benefit the most from this book. However, the authors do introduce the concept of security testing as an element of QA, adding to the small (but hopefully growing) body of knowledge to be used by QA. I recommend this book, as well as "Exploiting Software: How to Break Code" (ISBN 0201786958) as two books that should be read and used by software testing practitioners. The information combined in these books will, if put into practice, significantly improve the quality and security of software that is released into production.



5.0 out of 5 stars Required for those involved w/ software application security, Feb 3 2004
'How to Break Software Security' is a most unique book.

There are a lot of security books.
There are a growing number of books about writing secure code.

But 'How to Break Software Security' is the first on the topic of testing the software after the programmer has supposedly used secure programming techniques.

The problem is that even if a programmer reads all of the required texts on writing secure code, there are still a number of ways that the application can be broken. The book deals with 19 unique attacks that can be mounted against various software applications.

The book describes attacks that can come from all sides. From attacking the software dependencies, implementation, design, to bogus error messages, fake data sources and more.

Anyone involved with software application security testing should definitely read 'How to Break Software Security'.
