ABSTRACT

The huge proliferation of security vulnerability exploits, worms, and viruses places an incredible drain on both cost and confidence for manufacturers and consumers. The release of trustworthy code requires a specific set of skills and techniques, but this information is often dispersed and decentralized, encrypted in its own jargon and terminology,

chapter 1|6 pages

Introduction

chapter 2|4 pages

Security Vocabulary

chapter 4|4 pages

All Trust Is Misplaced

chapter 5|46 pages

Security Testing Considerations

chapter 7|8 pages

Personas and Testing

chapter 8|18 pages

Security Test Planning

chapter 9|14 pages

Sample Security Considerations

chapter 11|12 pages

Vulnerability Case Study: Buffer Overruns

chapter 12|8 pages

Vulnerability Case Study: Cookie Tampering

chapter 20|4 pages

Vulnerability Case Study: Spoofing Attacks

chapter 21|8 pages

Vulnerability Case Study: SQL Injection

chapter 22|8 pages

Fuzz Testing

chapter 23|8 pages

Background: Cryptography

chapter 24|6 pages

Background: Firewalls

chapter 25|6 pages

Background: OSI Network Model

chapter 26|6 pages

Background: Proxy Servers

chapter 28|12 pages

Background: Test Case Outlining (TCO)