Developer's Guide to Web Application Security

Developer's Guide to Web Application Security, 1st Edition

Developer's Guide to Web Application Security, 1st Edition,Michael Cross,ISBN9781597490610






229 X 178

Print Book + eBook

USD 64.14
USD 106.90

Buy both together and save 40%

Print Book


In Stock

Estimated Delivery Time
USD 54.95

eBook Overview

VST (VitalSource Bookshelf) format

DRM-free included formats : PDF

USD 51.95
Add to Cart

Key Features

* The Yankee Group estimates the market for Web application-security products and services will grow to $1.74 billion by 2007 from $140 million in 2002

* Author Michael Cross is a highly sought after speaker who regularly delivers Web Application presentations at leading conferences including: Black Hat, TechnoSecurity, CanSec West, Shmoo Con, Information Security, RSA Conferences, and more

* The Companion Web site will have downloadable code and scripts presented in the book (http://www.elsevierdirect.com/v2/companion.jsp?ISBN=9781597490610)


Over 75% of network attacks are targeted at the web application layer. This book provides explicit hacks, tutorials, penetration tests, and step-by-step demonstrations for security professionals and Web application developers to defend their most vulnerable applications.

This book defines Web application security, why it should be addressed earlier in the lifecycle in development and quality assurance, and how it differs from other types of Internet security. Additionally, the book examines the procedures and technologies that are essential to developing, penetration testing and releasing a secure Web application. Through a review of recent Web application breaches, the book will expose the prolific methods hackers use to execute Web attacks using common vulnerabilities such as SQL Injection, Cross-Site Scripting and Buffer Overflows in the application layer. By taking an in-depth look at the techniques hackers use to exploit Web applications, readers will be better equipped to protect confidential.


Network Security administrators, Developers, Penetration testers, Enterprise administrators, web developers and security experts

Michael Cross

Michael Cross (MCSE, MCP+I, CNA, Network+) is an Internet Specialist/Computer Forensic Analyst with the Niagara Regional Police Service (NRPS). He performs computer forensic examinations on computers involved in criminal investigation. He also has consulted and assisted in cases dealing with computer-related/Internet crimes. In addition to designing and maintaining the NRPS Web site at www.nrps.com and the NRPS intranet, he has provided support in the areas of programming, hardware, and network administration. As part of an information technology team that provides support to a user base of more than 800 civilian and uniform users, he has a theory that when the users carry guns, you tend to be more motivated in solving their problems. Michael also owns KnightWare (www.knightware.ca), which provides computer-related services such as Web page design, and Bookworms (www.bookworms.ca), where you can purchase collectibles and other interesting items online. He has been a freelance writer for several years, and he has been published more than three dozen times in numerous books and anthologies. He currently resides in St. Catharines, Ontario, Canada, with his lovely wife, Jennifer, his darling daughter, Sara, and charming son, Jason.

Affiliations and Expertise

Computer Forensic Analyst with the Niagara Regional Police Service, Canada

View additional works by Michael Cross

Developer's Guide to Web Application Security, 1st Edition

1: Hacking Methodology
2: How to Avoid Becoming a Code Grinder
3: Understanding the Risk Associated with Mobile Code
4: Vulnerable CGI Scripts
5: Hacking Techniques and Tools
6: Code Auditing and Reverse Engineering
7: Securing Your Java Code
8: Securing XML
9: Building Safe ActiveX Internet Controls
10: Securing ColdFusion
11: Developing Security-Enabled Applications
12: Cradle to Grave: Working with a Security Plan
Free Shipping
Shop with Confidence

Free Shipping around the world
▪ Broad range of products
▪ 30 days return policy

Contact Us