Аннотация
Application security encompasses measures taken throughout the application's life-cycle to prevent exceptions in the security policy of an application or the underlying system (vulnerabilities) through flaws in the design, development, deployment, upgrade, or maintenance of the application. This book is your ultimate resource for Application Security. Here you will find the most up-to-date information, analysis, background and everything you need to know. In easy to read chapters, with extensive references and links to get you to know all there is to know about Application Security right away, covering: Application security, Computer security, Portal:Computer security, 2009 Sidekick data loss, AAFID, Absolute Manage, Accelops, Acceptable use policy, Access token, Advanced Persistent Threat, Air gap (networking), Ambient authority, Anomaly-based intrusion detection system, Application firewall, Asset (computer security), Attack (computer), AutoRun, Blacklist (computing), Blue Cube Security, BlueHat, Centurion guard, Client honeypot, Cloud computing security, Collaboration-oriented architecture, Committee on National Security Systems, Computer Law and Security Report, Computer security compromised by hardware failure, Computer security incident management, Computer security model, Computer surveillance, Confused deputy problem, Countermeasure (computer), CPU modes, Crackme, Cross-site printing, CryptoRights Foundation, CVSS, Control system security, Cyber security standards, Cyber spying, Cyber Storm Exercise, Cyber Storm II, Cyberheist, Dancing pigs, Data breach, Data loss prevention software, Data validation, Digital self-defense, Dolev-Yao model, DREAD: Risk assessment model, Dynamic SSL, Economics of security, Enterprise information security architecture, Entrust, Evasion (network security), Event data, Federal Desktop Core Configuration, Federal Information Security Management Act of 2002, Flaw hypothesis methodology, Footprinting, Forward anonymity, Four Horsemen of the Infocalypse, Fragmented distribution attack, Higgins project, High Assurance Guard, Host Based Security System, Human-computer interaction (security), Inference attack, Information assurance, Information Assurance Vulnerability Alert, Information security, Information Security Automation Program, Information Security Forum, Information sensitivity, Inter-Control Center Communications Protocol, Inter-protocol communication, Inter-protocol exploitation, International Journal of Critical Computer-Based Systems, Internet leak, Internet Security Awareness Training, Intrusion detection system evasion techniques, Intrusion prevention system, Intrusion tolerance, IT baseline protection, IT Baseline Protection Catalogs, IT risk, IT risk management, ITHC, Joe-E, Kill Pill, LAIM Working Group, Layered security, Likejacking, Linked Timestamping, Lock-Keeper, MAGEN (security), Mandatory Integrity Control, Mayfield's Paradox, National Cyber Security Awareness Month, National Vulnerability Database, Neurosecurity, Nobody (username), Non-repudiation, Novell Cloud Security Service, One-time authorization code, Opal Storage Specification, Open security, Outbound content security, Parasitic computing, Parkerian Hexad, Phoraging, Physical access, Polyinstantiation, Portable Executable Automatic Protection, Pre-boot authentication, Presumed security, Principle of least privilege, Privilege Management Infrastructure, Privileged Identity Management, Proof-carrying code, Public computer, Pwnie award, Real-time adaptive security, RED/BLACK concept, Reverse engineering, RFPolicy, Risk factor (computing), Rootkit, S/MIME, Seccomp, Secure coding, Secure environment...and much moreThis book explains in-depth the real drivers and workings of Application Security. It reduces the risk of your technology, time and resources investment decisions by enabling you to compare your understanding of Application Security with the objectivity of experienced professionals.
Отзывы