Re: [WEB SECURITY] Web Security Books URL's

[Régis Gabineski <gabineski@xxxxxxxxx>]

------=_Part_401_23511335.1124909609729
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Hello guys
I'm brazilian developer and a I have some experience with programming, like=
=20
e-Recruitment application, InternetBank and Corporate Portal.
 For the people who work with Microsoft, I recommend the reading of this=20
book:

Writing Secure Code, Second Edition
Author : Michael Howard, David LeBlanc=20
 It's a good book, in the same way that the other books!!
 Thanks
R=E9gis
 On 8/24/05, Gavin, Michael <mgavin@forrester.com> wrote:=20
>=20
> While not specifically a "Web Application Security" book, I think that
> "How to Break Software Security" by James Whittaker and Herbert=20
> Thompson, Pearson Education/Addison-Wesley, 2004 should be added to the
> list.
>=20
> Likewise "Exploiting Software, How to Break Code" by Greg Hoglund and
> Gary McGraw, Addison-Wesley, 2004 is in the same category.=20
>=20
> Further, it seems to me that the "secure coding" and "how to write
> secure code" type books deserve a place on this list, since it is quite
> useful to know how to prevent web application security problems in the=20
> first place, not just know how to find existing web application security
> problems, which is what the majority of the books on the current list
> teach.
>=20
> Thanks,
>=20
> Michael
>=20
> -----Original Message-----=20
> From: Jeremiah Grossman [mailto:jeremiah@whitehatsec.com]
> Sent: Wednesday, August 24, 2005 1:21 PM
> To: websecurity@webappsec.org=20
> Subject: [WEB SECURITY] Web Security Books URL's
>=20
> Every so often someone asks what books are available for web
> application security. Web application security books are sometimes
> difficult to distinguish from other information security books. To=20
> assist we've been compiling a list. If we've missed some, please let
> us know' and we'll add it.
>=20
>=20
> Web Security Books:
> http://www.webappsec.org/web_security_books.shtml=20
>=20
> Regards,
>=20
> Jeremiah-
>=20
> ---------------------------------------------------------------------
> The Web Security Mailing List
> http://www.webappsec.org/lists/websecurity/=20
>=20
> The Web Security Mailing List Archives
> http://www.webappsec.org/lists/websecurity/archive/
>=20
>=20
> ---------------------------------------------------------------------=20
> The Web Security Mailing List
> http://www.webappsec.org/lists/websecurity/
>=20
> The Web Security Mailing List Archives
> http://www.webappsec.org/lists/websecurity/archive/
>=20
>

------=_Part_401_23511335.1124909609729
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

<div>Hello guys</div>
<div>I'm brazilian developer and a I have some experience with programming,=
 like e-Recruitment application, InternetBank and Corporate Portal.</div>
<div>&nbsp;</div>
<div>For the people who work with Microsoft, I recommend the reading of thi=
s book:<br><br>Writing Secure Code, Second Edition</div>
<div>Author&nbsp;: Michael Howard, David LeBlanc </div>
<div>&nbsp;</div>
<div>It's a good book, in the same way that the other books!!</div>
<div>&nbsp;</div>
<div>Thanks</div>
<div>R=E9gis</div>
<div>&nbsp;</div>
<div><span class=3D"gmail_quote">On 8/24/05, <b class=3D"gmail_sendername">=
Gavin, Michael</b> &lt;<a href=3D"mailto:mgavin@forrester.com";>mgavin@forre=
ster.com</a>&gt; wrote:</span>=20
<blockquote class=3D"gmail_quote" style=3D"PADDING-LEFT: 1ex; MARGIN: 0px 0=
px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">While not specifically a &quot;W=
eb Application Security&quot; book, I think that<br>&quot;How to Break Soft=
ware Security&quot; by James Whittaker and Herbert=20
<br>Thompson, Pearson Education/Addison-Wesley, 2004 should be added to the=
<br>list.<br><br>Likewise &quot;Exploiting Software, How to Break Code&quot=
; by Greg Hoglund and<br>Gary McGraw, Addison-Wesley, 2004 is in the same c=
ategory.=20
<br><br>Further, it seems to me that the &quot;secure coding&quot; and &quo=
t;how to write<br>secure code&quot; type books deserve a place on this list=
, since it is quite<br>useful to know how to prevent web application securi=
ty problems in the=20
<br>first place, not just know how to find existing web application securit=
y<br>problems, which is what the majority of the books on the current list<=
br>teach.<br><br>Thanks,<br><br>Michael<br><br>-----Original Message-----=
=20
<br>From: Jeremiah Grossman [mailto:<a href=3D"mailto:jeremiah@whitehatsec.=
com">jeremiah@whitehatsec.com</a>]<br>Sent: Wednesday, August 24, 2005 1:21=
 PM<br>To: <a href=3D"mailto:websecurity@webappsec.org";>websecurity@webapps=
ec.org=20
</a><br>Subject: [WEB SECURITY] Web Security Books URL's<br><br>Every so of=
ten someone asks what books are available for web<br>application security. =
Web application security books are sometimes<br>difficult to distinguish fr=
om other information security books. To=20
<br>assist we've been compiling a list. If we've missed some, please let<br=
>us know' and we'll add it.<br><br><br>Web Security Books:<br><a href=3D"ht=
tp://www.webappsec.org/web_security_books.shtml">http://www.webappsec.org/w=
eb_security_books.shtml=20
</a><br><br>Regards,<br><br>Jeremiah-<br><br>------------------------------=
---------------------------------------<br>The Web Security Mailing List<br=
><a href=3D"http://www.webappsec.org/lists/websecurity/";>http://www.webapps=
ec.org/lists/websecurity/=20
</a><br><br>The Web Security Mailing List Archives<br><a href=3D"http://www=
.webappsec.org/lists/websecurity/archive/">http://www.webappsec.org/lists/w=
ebsecurity/archive/</a><br><br><br>----------------------------------------=
-----------------------------=20
<br>The Web Security Mailing List<br><a href=3D"http://www.webappsec.org/li=
sts/websecurity/">http://www.webappsec.org/lists/websecurity/</a><br><br>Th=
e Web Security Mailing List Archives<br><a href=3D"http://www.webappsec.org=
/lists/websecurity/archive/">
http://www.webappsec.org/lists/websecurity/archive/</a><br><br></blockquote=
></div><br>

------=_Part_401_23511335.1124909609729--