View Larger Image	Gary McGraw, John Viega, Greg Hoglund Addison-Wesley, Published February 2006, 1392 pages, ISBN 0321418700
	List Price: $129.99 Our Price: $80.95 You Save: $49.04 (38% Off)
	Availability: Out-Of-Stock

People who purchase this book frequently purchase:

• How to Break Web Software: Functional and Security Testing of Web Applications and Web Services; Mike Andrews, et al, $22.50, 36% Off!
• Sams Teach Yourself MySQL in 10 Minutes; Chris Newman, $13.50, 32% Off!

• Enterprise Computing : Security

• Addison-Wesley

What is it about software that makes security such a problem? If you want to build secure software, how do you do it? These questions and the perseverance of three of the world's leading security experts, Gary McGraw, John Viega, and Greg Hoglund, led to the three books contained in this package.

Building Secure Software: How to Avoid Security Problems the Right Way, the white hat book, seems to have touched off a revolution. Security people who once relied solely on firewalls, intrusion detection, and anti-virus mechanisms came to understand and embrace the necessity of better software. This book provides a coherent and sensible philosophical foundation for the blossoming field of software security.

Exploiting Software: How to Break Code, the black hat book, provides a much needed balance, teaching how to break software and how malicious hackers write exploits. This book is meant as a reality check for software security, ensuring that the good guys address real attacks and invent and peddle solutions that actually work. Exploiting Software and Building Secure Software are in some senses mirror images.

Software Security: Building Security In unifies the two sides of software security--attack and defense, exploiting and designing, breaking and building--into a coherent whole. Like the yin and the yang, software security requires a careful balance.

About the Authors

Greg Hoglund has been a pioneer in the area of software security for ten years. He created and documented the first Windows NT-based rootkit, founding www.rootkit.com in the process.

Gary McGraw, Cigital's Vice President of Corporate Technology, researches software security and sets technical vision in the area of Software Risk Management. Dr. McGraw has written over sixty peer-reviewed technical publications and has functioned as principal investigator on grants from Air Force Research Labs, DARPA, National Science Foundation, and NIST's Advanced Technology Program. Dr. McGraw coauthored both Java Security and Securing Java with Professor Ed Felten of Princeton, and Software Fault Injection with Jeffrey Voas.

John Viega is the CTO of Secure Software Solutions (www.securesw.com) and a noted expert in the area of software security. He is responsible for numerous tools in this area, including code scanners (ITS4 and RATS), random number suites (EGADS), automated repair tools, and secure programming libraries. He is also the original author of Mailman, the GNU mailing list manager.

Forgot your password? FAQs Shipping Options Returns Your Orders Your Account