资源描述:
《Secure Programming with Static__ Analysis》由会员上传分享,免费在线阅读,更多相关内容在教育资源-天天文库。
1、PraiseforSecureProgrammingwithStaticAnalysis“WedesignedJavasothatitcouldbeanalyzedstatically.Thisbookshowsyouhowtoapplyadvancedstaticanalysistechniquestocreatemoresecure,morereliablesoftware.”—BillJoyCo-founderofSunMicrosystems,co-inventoroftheJavaprog
2、ramminglanguage“Ifyouwanttolearnhowpromisingnewcode-scanningtoolscanimprovethesecurityofyoursoftware,thenthisisthebookforyou.Thefirstofitskind,SecureProgram-mingwithStaticAnalysisiswellwrittenandtellsyouwhatyouneedtoknowwithoutgettingtooboggeddownindeta
3、ils.Thisbooksetsthestandard.”—DavidWagnerAssociateProfessor,UniversityofCalifornia,Berkeley“BrianandJacobcanwriteaboutsoftwaresecurityfromthe‘beenthere.donethat.’perspective.Readwhatthey’vewritten-it’schockfullofgoodadvice.”—MarcusRanumInventorofthefire
4、wall,ChiefScientist,TenableSecurity“Overthepastfewyears,we’veseenseveralbooksonsoftwaresecurityhittingthebookstores,includingmyown.Whilethey’veallprovidedtheirownviewsofgoodsoftwaresecuritypractices,thisbookfillsavoidthatnoneoftheothershavecovered.Theau
5、thorshavedoneamagnificentjobatdescribingindetailhowtodostaticsourcecodeanalysisusingallthetoolsandtechnologiesavailabletoday.Kudosforarmingthedeveloperwithaclearunderstandingofthetopicaswellasawealthofpracticalguid-anceonhowtoputthatunderstandingintopra
6、ctice.Itshouldbeontherequiredread-inglistforanyoneandeveryonedevelopingsoftwaretoday.”—KennethR.vanWykPresidentandPrincipalConsultant,KRvWAssociates,LLC.“Softwaredevelopersarethefirstandbestlineofdefenseforthesecurityoftheircode.Thisbookgivesthemthesecu
7、ritydevelopmentknowledgeandthetoolstheyneedinordertoeliminatevulnerabilitiesbeforetheymoveintothefinalproductsthatcanbeexploited.”—HowardA.SchmidtFormerWhiteHouseCyberSecurityAdvisor“Modernartifactsarebuiltwithcomputerassistance.Youwouldneverthinktobuil
8、dbridges,tunnels,orairplaneswithoutthemostsophisticated,stateofthearttools.Andyet,forsomereason,manyprogrammersdeveloptheirsoftwarewithouttheaidofthebeststaticanalysistools.Thisistheprimaryreasonthatsomanysoftwaresystemsarerepletewithbu