|| ||"Kathryn Barrett" <syngresspr-AT-oreilly.com>|
|| ||"Programmer's Ultimate Security DeskRef" Released by Syngress|
|| ||Tue, 09 Nov 2004 13:37:22 -0800|
Syngress Publishing Announces Publication of
"Programmer's Ultimate Security DeskRef"
Programming Security Encyclopedia Provides Easy Look Up for Top Languages
Contact: Amy Pedersen
Rockland, MA - Syngress Publishing, Inc., today announced the publication
of "Programmer's Ultimate Security DeskRef" (ISBN: 1-932266-72-0), by
James C. Foster, a comprehensive guide to the security flaws in the top 13
Amorette Pedersen, Vice President of Syngress Publishing, said, "With the
help of the 'Programmer's Ultimate Security DeskRef' programmers can be
sure the code they write is truly secure. This book covers the most
popular programming languages, including ASP, C, C++, C#, ColdFusion,
function or method documented in this book is followed by a series of
elements created to help programmers program responsibly by calling
awareness to each function's purpose, risk, origin, resources, and more.
It's a great tool."
The book makes a great companion to other best practices coding books and
is unique in that it is the only book that provides by function/by
language lookup. Each function or method documented in this book is
followed by a series of elements created to help programmers program
responsibly by calling awareness to each function's purpose, risk, origin,
resources, and more. Each function is organized in the following way:
-Prototype: This is where you will find the function's prototype or the
method's proper implementation usage.
-Summary: Describes the function or method and its intended use.
-Description: Contains a detailed explanation of how the function should
be used and when it should not be used. It also has explanations for any
parameters the function or method may accept as input, in addition to
providing detail on returned values.
-Risk: Informs the readers of the particular security threat posed when
implementing the function or method. It recommends more secure
alternatives, secure usage, bolt-on alternatives, and other types of
clear, developer-focused solutions.
-Note: Any additional comments that pertain to the function.
-Additional Resources: These resources are included for additional
information on the programmatic particulars of the language, function, or
method. All resources consist of web links to educational websites,
Microsoft, or other commercial powerhouses.
-Impact: The impact will be High, Medium or Low, signifying a potential
high-level result that a poorly implemented function or method may have on
-Cross Reference: Cross references are similar functions and methods that
are available for use in the language. For example, the C language printf
may have cross references of sprintf and snprintf.
Author James Foster added, "This book is the first of its kind--written to
educate programmers about coding security specifics at the source level.
Like writers turn to the dictionary, programmers will turn to the
'DeskRef' to check themselves."
Perl, PHP, Python, VBA, and VBscript.
Programmer's Ultimate Security DeskRef
PRICE: $49.95 U.S.
PAGE COUNT: 496 PP
About the Author
James C. Foster is the Deputy Director of Global Security Solution
Development for Computer Sciences Corporation, where he is responsible for
the vision and development of physical, personnel, and data security
solutions. Prior to CSC, Foster was the Director of Research and
Development for Foundstone, Inc. (acquired by McAfee) and was responsible
for all aspects of product, consulting, and corporate R&D initiatives.
Prior to joining Foundstone, Foster was an Executive Advisor and Research
Scientist with Guardent, Inc. (acquired by Verisign) and an adjunct author
at Information Security Magazine (acquired by TechTarget), subsequent to
working as Security Research Specialist for the Department of Defense.
With his core competencies residing in high-tech remote management,
international expansion, application security, protocol analysis, and
search algorithm technology, Foster has conducted numerous code reviews
for commercial OS components, Win32 application assessments, and reviews
on commercial-grade cryptography implementations.
Foster is a seasoned speaker and has presented throughout North America at
conferences, technology forums, security summits, and research symposiums
with highlights at the Microsoft Security Summit, Black Hat USA, Black Hat
Windows, MIT Wireless Research Forum, SANS, MilCon, TechGov, InfoSec World
2001, and the Thomson Security Conference. He also is commonly asked to
comment on pertinent security issues and has been cited in USAToday,
Information Security Magazine, Baseline, Computer World, Secure Computing,
and the MIT Technologist. Foster holds an A.S., B.S., MBA and numerous
technology and management certifications and has attended or conducted
research at the Yale School of Business, Harvard University, the
University of Maryland, and is currently a Fellow at University of
Pennsylvania's Wharton School of Business.
Foster is also a well published author with multiple commercial and
educational papers; and has authored, contributed, or edited for major
publications including "Snort 2.1 Intrusion Detection" (Syngress
Publishing, ISBN: 1-931836-04-3), "Hacking Exposed, Fourth Edition,"
"Anti-Hacker Toolkit, Second Edition," "Advanced Intrusion Detection,"
"Hacking the Code: ASP.NET Web Application Security" (Syngress, ISBN:
1-932266-65-8), "Anti-Spam Toolkit," and the forthcoming "Google Hacking
for Penetration Techniques" (Syngress, ISBN: 1-931836-36-1) .
Syngress Publishing (www.syngress.com), headquartered in Rockland,
Massachusetts, is an independent publisher of print and electronic
reference materials for Information Technology professionals seeking skill
enhancement and career advancement. Distributed throughout Europe, Asia,
and the U.S. and Canada, Syngress titles have been translated into twenty
languages. The company's pioneering customer support program,
email@example.com, extends the value of every Syngress title with
regular information updates and customer-driven author forums. For more
information on Syngress products, contact Amy Pedersen at 781-681-5151 or
email firstname.lastname@example.org. Syngress books are distributed in the United
States and Canada by O'Reilly Media, Inc.
to post comments)