In today's market, secure software is a must for consumers. Many developers, however, are not familiar with the techniques needed to produce secure code or detect existing vulnerabilities. The Software Vulnerability Guide focuses on the origin of most software vulnerabilities, including the bugs in the underlying software used to develop IT infrastructures and the Internet. Most of these security bugs (and the viruses, worms, and exploits that derive from them) started out as programmer mistakes. With this easy-to-use guide, professional programmers and testers will learn how to recognize and prevent these vulnerabilities before their software reaches the market. For each of the 30 common software vulnerabilities featured, the authors provide a summary, a description of how the vulnerability occurs, and famous examples of how it has been used. Tips on how to find and fix the vulnerability in software are also provided, along with source code snippets, commentary, tools, and techniques in easy-to-read sidebars. This guide is a must-have for today's software developers.
* Includes coding examples in a variety of languages, including C, C++, Java, VB, .NET, scripting languages, and more
* Provides tips for uncovering vulnerabilities in a diverse array of systems, including what they may look like in code and how the offending code can be fixed
* Covers vulnerabilities such as permitting default or weak passwords, cookie poisoning, exchanging sensitive data in plain text, leaving things in memory, and format string attacks
* Includes a CD-ROM with all of the source code, as well as many freeware/shareware tools discussed in the book