Lessons Learned in Implementing and Deploying Crypto Software
Proceedings of the 11th USENIX Security Symposium
DPS: An Architectural Style for Development of Secure Software
InfraSec '02 Proceedings of the International Conference on Infrastructure Security
Reflections on Industry Trends and Experimental Research in Dependability
IEEE Transactions on Dependable and Secure Computing
Building security requirements with CLASP
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
A software flaw taxonomy: aiming tools at security
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Matching attack patterns to security vulnerabilities in software-intensive system designs
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Combining static analysis and runtime monitoring to counter SQL-injection attacks
WODA '05 Proceedings of the third international workshop on Dynamic analysis
Information assurance in the undergraduate curriculum
Proceedings of the 43rd annual Southeast regional conference - Volume 1
On the design of more secure software-intensive systems by use of attack patterns
Information and Software Technology
Model-based security analysis in seven steps --- a guided tour to the CORAS method
BT Technology Journal
Finding security vulnerabilities in java applications with static analysis
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
IEEE Internet Computing
IEEE Security and Privacy
Code quality tools: learning from our experience
ACM SIGSOFT Software Engineering Notes
Checking threat modeling data flow diagrams for implementation conformance and security
Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering
Security Strength Measurement for Dongle-Protected Software
IEEE Security and Privacy
Study on applying ISO/DIS 27799 to medical industry's ISMS
ACOS'07 Proceedings of the 6th Conference on WSEAS International Conference on Applied Computer Science - Volume 6
Moving beyond security tracks: integrating security in cs0 and cs1
Proceedings of the 39th SIGCSE technical symposium on Computer science education
Security education: a roadmap to the future
Proceedings of the 39th SIGCSE technical symposium on Computer science education
Aspect-oriented specification of threat-driven security requirements
International Journal of Computer Applications in Technology
Companion of the 30th international conference on Software engineering
Static analysis tools for security checking in code at Motorola
ACM SIGAda Ada Letters
Assessing the risk of intercepting VoIP calls
Computer Networks: The International Journal of Computer and Telecommunications Networking
Securing Java code: heuristics and an evaluation of static analysis tools
Proceedings of the 2008 workshop on Static analysis
Risk assessment in practice: A real case study
Computer Communications
Towards more secure systems: how to combine expert evaluations
Proceedings of the 4th international conference on Security and privacy in communication networks
On automated prepared statement generation to remove SQL injection vulnerabilities
Information and Software Technology
Secure compilation of a multi-tier web language
Proceedings of the 4th international workshop on Types in language design and implementation
Database and database application security
ITiCSE '09 Proceedings of the 14th annual ACM SIGCSE conference on Innovation and technology in computer science education
Enhancing research into usable privacy and security
Proceedings of the 27th ACM international conference on Design of communication
Avoiding Threats Using Multi Agent System Planning for Web Based Systems
ICCCI '09 Proceedings of the 1st International Conference on Computational Collective Intelligence. Semantic Web, Social Networks and Multiagent Systems
Simple and safe SQL queries with C++ templates
Science of Computer Programming
Tampering in RFID: A Survey on Risks and Defenses
Mobile Networks and Applications
A framework for specifying and managing security requirements in collaborative systems
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
Automatically preparing safe SQL queries
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Runtime countermeasures for code injection attacks against C and C++ programs
ACM Computing Surveys (CSUR)
Secure Software Education: A Contextual Model-Based Approach
International Journal of Secure Software Engineering
From the Publisher: Security mistakes by software architects, designers, and developers contribute to an ongoing plague that costs businesses millions of dollars every year when malicious intruders attack interconnected applications, steal credit-card numbers, and deface Web sites. Writing Secure Code offers a ready cure. This fact-filled, eye-opening title covers the major aspects of creating secure applications through the entire development process, from secure design, to writing robust code that can easily withstand an attack, to testing applications for security vulnerabilities. Writing Secure Code provides software designers, architects, developers, and testers the training, theory, and techniques they need to ensure security. Topics covered include security principles, how to design, code, and test for security, how to write secure code for Microsoft® .NET APIs, why companies neglect security, the 10 immutable laws of security and security administration, and more. Developers who read this title will have the peace of mind that comes from knowing that the code they develop is not only fast, but secure. Both authors are top security experts at Microsoft who have helped solve some of the toughest security problems in the computing industry. No more malicious attacks! Learn the best practices for writing secure code, with samples in Microsoft Visual Basic® .NET, Visual C++®, Perl, and Visual C#®. This is the first book that focuses on programming secure applications in general instead of covering security for just the Web developer, network administrator, or IT professional.

Key Book Benefits:
* Demonstrates the best practices for creating secure code through the entire development process, from design to programming to testing
* Includes code samples in Visual Basic .NET, Visual C++, Perl, and Visual C#.
* Focuses on programming secure applications in general instead of covering security for the Web developer, network administrator, or IT professional