What do you think?
Rate this book
Web Application Security, A Beginner's Guide
Security smarts for the self-guided IT professional! Learn how to secure Web applications from today's sneakiest hackers. True to the hallmarks of our Secure Beginner's Guides series, "Web Application Security, A Beginner's Guide" imparts the hard-learned lessons and experiences of top security professionals, and provides know-how that can otherwise take you years to learn. This book takes you from a professional beginner-level to an up-and-running level of proficiency through a complete overview of Web application security. Important tips and key techniques plus the most common terminology you must know are all clearly explained.
Hackers are smart but security professionals need to be smarter. This book provides you with an actionable, rock-solid foundation in Web application security -- from a thorough review of the tools and resources essential to Web application security to the trade's best practices for detecting vulnerabilities and protecting applications. The aim of this series is to help you work a bit more expertly than your actual years of hands-on experience.
"Web Application Security, A Beginner's Guide" features: Lingo--Concise definitions of frequently used security terms In Actual Practice--Real-world examples of security concepts in context Budget Note--Tips for optimizing security processes and technologies to align with an organization's budget IMHO--Cautionary advice on errors to avoid, based on the authors' life lessons Your Plan--Customizable, on-the-job planning checklists Into Action--Hands-on exercises that show how to apply new skills
Hackers are smart but security professionals need to be smarter. This book provides you with an actionable, rock-solid foundation in Web application security -- from a thorough review of the tools and resources essential to Web application security to the trade's best practices for detecting vulnerabilities and protecting applications. The aim of this series is to help you work a bit more expertly than your actual years of hands-on experience.
"Web Application Security, A Beginner's Guide" features: Lingo--Concise definitions of frequently used security terms In Actual Practice--Real-world examples of security concepts in context Budget Note--Tips for optimizing security processes and technologies to align with an organization's budget IMHO--Cautionary advice on errors to avoid, based on the authors' life lessons Your Plan--Customizable, on-the-job planning checklists Into Action--Hands-on exercises that show how to apply new skills
- GenresProgrammingTechnical
353 pages, Kindle Edition
First published December 2, 2011
21 people are currently reading
148 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 8 of 8 reviews
March 12, 2018
Really nice introduction for common web application security flaws. It explains the concepts not only for seasoned developers but also for beginners. There are also some extra information which is good since it is not easy to find such kind of combined info together.
Each web application developer either working in back-end or front-end should read this book, or at least should check XSS and SQL Injection part.
Only problem is that some examples seems to be a bit old like FxCop is already named as Code Analysis Tool in latest version of Visual Studio.
Each web application developer either working in back-end or front-end should read this book, or at least should check XSS and SQL Injection part.
Only problem is that some examples seems to be a bit old like FxCop is already named as Code Analysis Tool in latest version of Visual Studio.
March 24, 2023
Overall it's a good starting point for anyone new to the topic of web application security. While it may not be the most up-to-date resource available, it still has some valuable information that is worth knowing and remembering.
The best part is actually the saga about wizard and his trees ;)
Fun quote from the book: "We’ve worked with some teams who use agile development methodologies, and whose entire release lifecycle from the planning stage to deployment on the production server is only one week long. It’s tough to convince these kinds of hummingbird quick team."
Nowadays, we deploy daily, which shows how much things have changed since the book was published.
The best part is actually the saga about wizard and his trees ;)
Fun quote from the book: "We’ve worked with some teams who use agile development methodologies, and whose entire release lifecycle from the planning stage to deployment on the production server is only one week long. It’s tough to convince these kinds of hummingbird quick team."
Nowadays, we deploy daily, which shows how much things have changed since the book was published.
December 3, 2019
It is a really good book to give you a comprehensive understanding of what types of security considerations should be taken into account for web applications.
Very good explanation of vulnerabilities, what causes them and how to defend against them.
It presents some good tools, which may be out dated, but still gives some clues.
I can 100% suggest this book to absolutely beginners.
Very good explanation of vulnerabilities, what causes them and how to defend against them.
It presents some good tools, which may be out dated, but still gives some clues.
I can 100% suggest this book to absolutely beginners.
March 16, 2016
This is, in my opinion, the best book to get started into web application security both as a developer and as an attacker.
Although, the book speaks from a defender's perspective and focuses on how to improve your web application rather than hacking it, it can, however, also help you in your web application hacking journey.
The write up is absolutely brilliant with the best analogies to get you the core concept. If you're a beginner looking for a conceptual book then this is the ultimate book for you!
Although, the book speaks from a defender's perspective and focuses on how to improve your web application rather than hacking it, it can, however, also help you in your web application hacking journey.
The write up is absolutely brilliant with the best analogies to get you the core concept. If you're a beginner looking for a conceptual book then this is the ultimate book for you!
June 4, 2016
Wonderful presentation to explain XSS and SQL injection. This book has tips even for seasoned web developers. Must read for all professionals building public facing websites.
November 5, 2016
Good presentation about security issues involved with web application security approaching to teach "how to think like a defender" instead of "thinking like a "redhat".
January 25, 2017
This is a good intruduction to the subject. Well worth a read
April 8, 2017
Security is not the thing that you can do it right at the first time. If you get enough time and experience in software development field, then it's time for stepping into security aspect. Just as this name, this book provides concepts and fundamentals of web application security with good examples through each chapter.
Displaying 1 - 8 of 8 reviews