Re: [SC-L] Secure Coding Books

2008-03-12 Thread Bennett, Jason
Hi All, With all the questions about what are good books are there any views on actually implementing the principles i.e. using them on real programmes to drive security improvement. In particular the contrast between exisitng programmes and new programmes? Consider the environment before

Re: [SC-L] Secure Coding Books

2008-03-08 Thread Sebastien Deleersnyder
: vrijdag 7 maart 2008 16:40 To: Lawson, David L Cc: sc-l@securecoding.org Subject: Re: [SC-L] Secure Coding Books How to break web software is one of the best web security coder- centric books I have read. Its concise and useful. Sent from my iPhone On Mar 7, 2008, at 7:45 AM, Lawson, David L

Re: [SC-L] Secure Coding Books

2008-03-07 Thread Jim Manico
How to break web software is one of the best web security coder- centric books I have read. Its concise and useful. Sent from my iPhone On Mar 7, 2008, at 7:45 AM, Lawson, David L [EMAIL PROTECTED] wrote: I've read several secure coding books in the past, and was wondering if anyone has

Re: [SC-L] Secure Coding Books

2008-03-07 Thread Goertzel, Karen [USA]
-Mar-08 08:45 To: sc-l@securecoding.org Subject: [SC-L] Secure Coding Books I've read several secure coding books in the past, and was wondering if anyone has recommendations for secure coding books (preferably from the last year or two). Thanks, David Lawson

Re: [SC-L] Secure Coding Books

2008-03-07 Thread Neil Daswani
Hi David, There is a list of software security / secure coding books at: http://www.sans-ssi.org/references.php Gary McGraw has a blog post in which some of these references are chronologically ordered at:

Re: [SC-L] Secure Coding Books

2008-03-07 Thread Robert C. Seacord
David, I like Secure Coding in C and C++ (http://www.cert.org/books/secure-coding/) The guy who wrote it is a bit of a jerk, but it has a lot of good technical information. Another book I like is The Art of Software Security Assessment

Re: [SC-L] Secure Coding Books

2008-03-07 Thread Dean H. Saxe
I'd check out Security: What Every Programmer Needs to Know by Daswani, Kern and Kesavan. I haven't read it cover to cover yet, but it seems to cover the topics in a nice amount of detail. -dhs Dean H. Saxe, CISSP, CEH [EMAIL PROTECTED] Great spirits have often encountered violent