
The Art of Software Security Testing: Identifying Software Security Flaws

Posted By: ksveta6

The Art of Software Security Testing: Identifying Software Security Flaws by Chris Wysopal, Lucas Nelson, Dino Dai Zovi, Elfriede Dustin
2006 | ISBN: 0321304861 | English | 312 pages | EPUB | 5 MB

State-of-the-Art Software Security Testing: Expert, Up to Date, and Comprehensive

The Art of Software Security Testing delivers in-depth, up-to-date, battle-tested techniques for anticipating and identifying software security problems before the “bad guys” do.

Drawing on decades of experience in application and penetration testing, this book’s authors can help you transform your approach from mere “verification” to proactive “attack.” The authors begin by systematically reviewing the design and coding vulnerabilities that can arise in software, and offering realistic guidance in avoiding them. Next, they show you ways to customize software debugging tools to test the unique aspects of any program and then analyze the results to identify exploitable vulnerabilities.

Coverage includes
Tips on how to think the way software attackers think to strengthen your defense strategy
Cost-effectively integrating security testing into your development lifecycle
Using threat modeling to prioritize testing based on your top areas of risk
Building testing labs for performing white-, grey-, and black-box software testing
Choosing and using the right tools for each testing project
Executing today’s leading attacks, from fault injection to buffer overflows
Determining which flaws are most likely to be exploited by real-world attackers

This book is indispensable for every technical professional responsible for software security: testers, QA specialists, security professionals, developers, and more. For IT managers and leaders, it offers a proven blueprint for implementing effective security testing or strengthening existing processes.