[linuxtechbiz] [WEB SECURITY] Web application security book excerpts

[Soi, Dhruv]

Title: Message

SearchAppSecurity.com has posted chapters from a couple Web application security books, courtesy of Addison Wesley Professional:   How to Break Web Software: Functional and Security Testing of Web Applications and Web Services -- Chapter 4: State-Based Attacks http://searchappsecurity.techtarget.com/tip/1,289483,sid92_gci1163781,00.html Web application developers must take it upon themselves to code state information so they can enforce rules about page access and session management. This chapter contains a series of attacks that will help determine if your Web application does this important task correctly and securely.     Software Security: Building Security In -- Chapter 5: Architectural Risk Analysis http://searchappsecurity.techtarget.com/tip/1,289483,sid92_gci1163715,00.html Architectural risk analysis plays an essential role in any solid software security program. By explicitly identifying risk, you can create a good general-purpose measure of software security, especially if you track risk over time. How do you do that? This chapter explains.   Check out all the book excerpts on SearchAppSecurity.com: http://searchappsecurity.techtarget.com/tipsIndex/0,289482,sid92_tax302609,00.html     Michelle         Michelle Davidson Editor SearchAppSecurity.com TechTarget   4025 Sea Grape Circle Delray Beach, FL  33445   Phone: 561-302-1120 Fax: 561-496-1860 AIM: MicheDav910   TechTarget The Most Targeted IT Media www.techtarget.com   SPONSORED LINKS Computer security Communication and networking Computer memory Computer training YAHOO! GROUPS LINKS  Visit your group "linuxtechbiz" on the web.    To unsubscribe from this group, send an email to:  [EMAIL PROTECTED]    Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.