Re: [SC-L] Secure Coding Books

2008-03-12 Thread Bennett, Jason
Hi All, With all the questions about what are good books are there any views on actually implementing the principles i.e. using them on real programmes to drive security improvement. In particular the contrast between exisitng programmes and new programmes? Consider the environment before printin

Re: [SC-L] Secure Coding Books

2008-03-10 Thread Gary McGraw
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jim Manico Sent: vrijdag 7 maart 2008 16:40 To: Lawson, David L Cc: sc-l@securecoding.org Subject: Re: [SC-L] Secure Coding Books "How to break web software" is one of the best web security coder- centric books I have read. Its conc

Re: [SC-L] Secure Coding Books

2008-03-08 Thread Sebastien Deleersnyder
anico Sent: vrijdag 7 maart 2008 16:40 To: Lawson, David L Cc: sc-l@securecoding.org Subject: Re: [SC-L] Secure Coding Books "How to break web software" is one of the best web security coder- centric books I have read. Its concise and useful. Sent from my iPhone On Mar 7, 2008, at 7:45

Re: [SC-L] Secure Coding Books

2008-03-07 Thread Dean H. Saxe
I'd check out "Security: What Every Programmer Needs to Know" by Daswani, Kern and Kesavan. I haven't read it cover to cover yet, but it seems to cover the topics in a nice amount of detail. -dhs Dean H. Saxe, CISSP, CEH [EMAIL PROTECTED] "Great spirits have often encountered violent opposi

Re: [SC-L] Secure Coding Books

2008-03-07 Thread Neil Daswani
Hi David, There is a list of software security / secure coding books at: http://www.sans-ssi.org/references.php Gary McGraw has a blog post in which some of these references are chronologically ordered at: http://www.cigital.com/justiceleague/2007/04/23/software-security-now-2006-shows-impressi

Re: [SC-L] Secure Coding Books

2008-03-07 Thread Robert C. Seacord
David, I like "Secure Coding in C and C++" (http://www.cert.org/books/secure-coding/) The guy who wrote it is a bit of a jerk, but it has a lot of good technical information. Another book I like is The Art of Software Security Assessment

Re: [SC-L] Secure Coding Books

2008-03-07 Thread Goertzel, Karen [USA]
Do you really mean "secure coding" only, or are you looking for books on "secure software development" more generally? -- Karen Mercedes Goertzel, CISSP Booz Allen Hamilton 703.902.6981 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] on behalf of Lawson, David L Sent: Fri

Re: [SC-L] Secure Coding Books

2008-03-07 Thread Jim Manico
"How to break web software" is one of the best web security coder- centric books I have read. Its concise and useful. Sent from my iPhone On Mar 7, 2008, at 7:45 AM, "Lawson, David L" <[EMAIL PROTECTED]> wrote: > I've read several secure coding books in the past, and was wondering > if > an