Syngress Publishing Announces Publication of "Programmer's Ultimate Security DeskRef"
Posted on 10 November 2004.
Rockland, MA - Syngress Publishing, Inc., today announced the publication of "Programmer's Ultimate Security DeskRef" (ISBN: 1-932266-72-0), by James C. Foster, a comprehensive guide to the security flaws in the top 13 programming languages.

Amorette Pedersen, Vice President of Syngress Publishing, said, "With the help of the 'Programmer's Ultimate Security DeskRef' programmers can be sure the code they write is truly secure. This book covers the most popular programming languages, including ASP, C, C++, C#, ColdFusion, Javascript, Jscript, Lisp, Perl, PHP, Python, VBA, and VBscript. Each function or method documented in this book is followed by a series of elements created to help programmers program responsibly by calling awareness to each function's purpose, risk, origin, resources, and more. It's a great tool."

The book makes a great companion to other best practices coding books and is unique in that it is the only book that provides by function/by language lookup. Each function or method documented in this book is followed by a series of elements created to help programmers program responsibly by calling awareness to each function's purpose, risk, origin, resources, and more. Each function is organized in the following way:

-Prototype: This is where you will find the function's prototype or the method's proper implementation usage.
-Summary: Describes the function or method and its intended use.
-Description: Contains a detailed explanation of how the function should be used and when it should not be used. It also has explanations for any parameters the function or method may accept as input, in addition to providing detail on returned values.
-Risk: Informs the readers of the particular security threat posed when implementing the function or method. It recommends more secure alternatives, secure usage, bolt-on alternatives, and other types of clear, developer-focused solutions.
-Note: Any additional comments that pertain to the function.
-Additional Resources: These resources are included for additional information on the programmatic particulars of the language, function, or method. All resources consist of web links to educational websites, Microsoft, or other commercial powerhouses.
-Impact: The impact will be High, Medium or Low, signifying a potential high-level result that a poorly implemented function or method may have on the application.
-Cross Reference: Cross references are similar functions and methods that are available for use in the language. For example, the C language printf may have cross references of sprintf and snprintf.

Author James Foster added, "This book is the first of its kind--written to educate programmers about coding security specifics at the source level. Like writers turn to the dictionary, programmers will turn to the 'DeskRef' to check themselves."

Languages covered: ASP, C, C++, C#, ColdFusion, JavaScript, Jscript, LISP, Perl, PHP, Python, VBA, and VBscript.

BOOK DETAILS
Programmer's Ultimate Security DeskRef
ISBN: 1-932266-72-0
PRICE: $49.95 U.S.
PAGE COUNT: 496 PP

About the Author
James C. Foster is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation, where he is responsible for the vision and development of physical, personnel, and data security solutions. Prior to CSC, Foster was the Director of Research and Development for Foundstone, Inc. (acquired by McAfee) and was responsible for all aspects of product, consulting, and corporate R&D initiatives. Prior to joining Foundstone, Foster was an Executive Advisor and Research Scientist with Guardent, Inc. (acquired by Verisign) and an adjunct author at Information Security Magazine (acquired by TechTarget), subsequent to working as Security Research Specialist for the Department of Defense. With his core competencies residing in high-tech remote management, international expansion, application security, protocol analysis, and search algorithm technology, Foster has conducted numerous code reviews for commercial OS components, Win32 application assessments, and reviews on commercial-grade cryptography implementations.

Foster is a seasoned speaker and has presented throughout North America at conferences, technology forums, security summits, and research symposiums with highlights at the Microsoft Security Summit, Black Hat USA, Black Hat Windows, MIT Wireless Research Forum, SANS, MilCon, TechGov, InfoSec World 2001, and the Thomson Security Conference. He also is commonly asked to comment on pertinent security issues and has been cited in USAToday, Information Security Magazine, Baseline, Computer World, Secure Computing, and the MIT Technologist. Foster holds an A.S., B.S., MBA and numerous technology and management certifications and has attended or conducted research at the Yale School of Business, Harvard University, the University of Maryland, and is currently a Fellow at University of Pennsylvania's Wharton School of Business.

Foster is also a well published author with multiple commercial and educational papers; and has authored, contributed, or edited for major publications including "Snort 2.1 Intrusion Detection" (Syngress Publishing, ISBN: 1-931836-04-3), "Hacking Exposed, Fourth Edition," "Anti-Hacker Toolkit, Second Edition," "Advanced Intrusion Detection," "Hacking the Code: ASP.NET Web Application Security" (Syngress, ISBN: 1-932266-65-8), "Anti-Spam Toolkit," and the forthcoming "Google Hacking for Penetration Techniques" (Syngress, ISBN: 1-931836-36-1) .

Background Information
Syngress Publishing (www.syngress.com), headquartered in Rockland, Massachusetts, is an independent publisher of print and electronic reference materials for Information Technology professionals seeking skill enhancement and career advancement. Distributed throughout Europe, Asia, and the U.S. and Canada, Syngress titles have been translated into twenty languages. The company's pioneering customer support program, solutions@syngress.com, extends the value of every Syngress title with regular information updates and customer-driven author forums. For more information on Syngress products, contact Amy Pedersen at 781-681-5151 or email amy@syngress.com. Syngress books are distributed in the United States and Canada by O'Reilly Media, Inc.





Spotlight

Fighting malware, emerging threats and AI

Posted on 24 November 2014.  |  Liran Tancman is the CEO of CyActive, a predictive cyber security company. In this interview he talks about fighting malware, emerging threats, artificial intelligence and the cloud.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Nov 25th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //