19 Deadly Sins of Software Security
Written by Chetankumar Akarte   
Wednesday, 26 December 2007


When we write code or design an application, we want it to work properly, without any kind of loophole. We also want to secure our software by eliminating code vulnerabilities. With this in mind, and to help us, Michael Howard, David LeBlanc and John Viega set out the "19 Deadly Sins of Software Security". Here Michael Howard and David LeBlanc share the security secrets they found while working as architect of the security process changes at Microsoft and Security Architect in the Office group at Microsoft, respectively. John Viega is the man who defined the 19 deadly sins of software security. Really great work, John!

The book is not targeted at any specific programming language, development platform or group of people. It targets a general framework of software security for all major languages, platforms and user groups. Every software developer has faced these 19 deadly sins. For those who don’t know how to solve them, this book is good food. The book is very well structured. First the authors teach us how a particular sin occurs, then a way to spot the sin, and then the redemption steps to solve it. The authors also explain the languages affected by each sin.

The book has lots of source code, and not every listing is explained in detail, so readers must work through some of it on their own. The appendices "Mapping the 19 Deadly Sins to the OWASP 'Top Ten'" and "Summary of Do’s and Don’ts" are also very useful for recalling all the sins quickly.

For me, every sin among the 19 plays an important role. The 19 sins explained in “19 Deadly Sins of Software Security” are:

  • Buffer overruns
  • Format string problems
  • Integer overflows
  • SQL injection
  • Command injection
  • Failure to handle errors
  • Cross-site scripting
  • Failure to protect network traffic
  • Use of magic URLs and hidden forms
  • Improper use of SSL
  • Use of weak password-based systems
  • Failure to store and protect data securely
  • Information leakage
  • Trusting network address resolution
  • Improper file access
  • Race conditions
  • Unauthenticated key exchange
  • Failure to use cryptographically strong random numbers
  • Poor usability

I think if you are a software developer then you MUST have this book. At least read it once… It will definitely explore the world of software security, and you will be confident while coding against the "19 Deadly Sins" covered by "19 Deadly Sins of Software Security (ISBN: 0072260858)", McGraw-Hill/Osborne.

Book Details

  • Title: 19 Deadly Sins of Software Security
  • Author: Michael Howard, David LeBlanc and John Viega
  • Paperback: 304 pages
  • Publisher: McGraw-Hill Osborne Media; 1 edition (July 26, 2005)
  • Language: English
  • ISBN-10: 0072260858
  • ISBN-13: 978-0072260854
  • Product Dimensions: 9.1 x 7.3 x 0.8 inches

Last Updated ( Wednesday, 26 December 2007 )
 
