19 deadly sins of software security : programming flaws and how to fix them

This essential book for all software developers--regardless of platform, language, or type of application--outlines the "19 deadly sins" of software security and shows how to fix each one. Best-selling authors Michael Howard and David LeBlanc, who teach Microsoft employees how to secure code, have partnered with John Viega, the man who uncovered the 19 deadly programming sins to write this much-needed book. Coverage includes: Windows, UNIX, Linux, and Mac OS X C, C++, C#, Java, PHP, Perl, and Visual Basic Web, small client, and smart-client applications

Chapter 1: Buffer OverflowsChapter 2: Format String ProblemsChapter 3: SQL InjectionChapter 4: Command InjectionChapter 5: Failure to Handle ErrorsChapter 6: Cross-Site ScriptingChapter 7: Failing to Protect Network TrafficChapter 8: Use of "Magic" URLs and Hidden FormsChapter 9: Improper Use of SSLChapter 10: Use of Weak Password-Based SystemsChapter 11: Failing to Store Data SecurelyChapter 12: Hard Coding SecretsChapter 13: Improper File AccessChapter 14: Integer Range ErrorsChapter 15: Trusting Network Address InformationChapter 16: Signal Race ConditionsChapter 17: Unauthenticated Key ExchangeChapter 18: Failing to Use Cryptographically Strong Random NumbersChapter 19: Poor Usability