The manager's guide to web application security : a concise guide to the weaker side of the web / Ron Lepofsky.
Material type:
- text
- unmediated
- volume
- 9781484201497
- 1484201493
- 9781484201480
- 006.78 LEP 23
- QA76.76.A65 L463 2014
Item type | Current library | Collection | Call number | Status | Notes | Date due | Barcode |
---|---|---|---|---|---|---|---|
Reference Book | VIT-AP Reference | Reference | 006.78 LEP | Not For Loan | CSE | | 023335 |
The Manager's Guide to Web Application Security is a concise, information-packed guide to application security risks every organization faces, written in plain language, with guidance on how to deal with those issues quickly and effectively. Often, security vulnerabilities are difficult to understand and quantify because they are the result of intricate programming deficiencies and highly technical issues. Author and noted industry expert Ron Lepofsky breaks down the technical barrier and identifies many real-world examples of security vulnerabilities commonly found by IT security auditors, translates them into business risks with identifiable consequences, and provides practical guidance about mitigating them.
The Manager's Guide to Web Application Security describes how to fix and prevent these vulnerabilities in easy-to-understand discussions of vulnerability classes and their remediation. For easy reference, the information is also presented schematically in Excel spreadsheets available to readers for free download from the publisher’s digital annex. The book is current, concise, and to the point—which is to help managers cut through the technical jargon and make the business decisions required to find, fix, and prevent serious vulnerabilities.
Includes bibliographical references and index.
Table of contents (17 chapters)
Front Matter
Pages i-xxiv
Understanding IT Security Risks
Ron Lepofsky
Pages 1-11
Types of Web Application Security Testing
Ron Lepofsky
Pages 13-20
Web Application Vulnerabilities and the Damage They Can Cause
Ron Lepofsky
Pages 21-46
Web Application Vulnerabilities and Countermeasures
Ron Lepofsky
Pages 47-79
How to Build Preventative Countermeasures for Web Application Vulnerabilities
Ron Lepofsky
Pages 81-94
How to Manage Security on Applications Written by Third Parties
Ron Lepofsky
Pages 95-98
Integrating Compliance with Web Application Security
Ron Lepofsky
Pages 99-110
How to Create a Business Case for Web Application Security
Ron Lepofsky
Pages 111-130
Parting Thoughts
Ron Lepofsky
Pages 131-132
COBIT® 5 for Information Security
Ron Lepofsky
Pages 133-145
Experian EI3PA Security Assessment
Ron Lepofsky
Pages 147-159
ISO/IEC 17799:2005 and the ISO/IEC 27000:2014 Series
Ron Lepofsky
Pages 161-163
North American Energy Council Security Standard for Critical Infrastructure Protection (NERC CIP)
Ron Lepofsky
Pages 165-176
NIST 800 Guidelines
Ron Lepofsky
Pages 177-178
Payment Card Industry (PCI) Data Security Standard Template for Report on Compliance for use with PCI DSS v3.0
Ron Lepofsky
Pages 179-196
Sarbanes-Oxley Security Compliance Requirements
Ron Lepofsky
Pages 197-198
Sources of Information
Ron Lepofsky
Pages 199-200
Back Matter
Pages 201-204