Grokking Web Application Security
Grokking Web Application Security
-
9折 2538元
2820元
-
預計最高可得金幣125點
?
可100%折抵
活動加倍另計 -
HAPPY GO享100累1點 4點抵1元 折抵無上限
-
分類:英文書>自然科普>網路/網路安全追蹤? 追蹤分類後,您會在第一時間收到分類新品通知。
- 作者: Malcolm,McDonald 追蹤 ? 追蹤作者後,您會在第一時間收到作者新書通知。
- 出版社: Manning Publications 追蹤 ? 追蹤出版社後,您會在第一時間收到出版社新書通知。
- 出版日:2023/11/05
活動訊息
普發一萬放大術:滿千登記抽萬元好禮
全站滿$1000送100點金幣,可累送! 新會員直接領$500!
內容簡介
When you launch an application on the web, every hacker in the world has access to it. Are you sure your web apps can stand up to the most sophisticated attacks? Trying to teach yourself about web security from the internet can feel like walking into a huge disorganized library--one where you can never find what you need, and the wrong advice might endanger your application! You need a single, all-in-one guide to securing your apps against all the attacks they can and will face. You need Grokking Web Application Security. This brilliantly illustrated and clearly written guide delivers detailed coverage on: Browser security, including sandboxing, the same-origin policy, and cookie security Securing web servers with input validation, escaping of output, and defense in depth A development process that prevents security bugs Browser vulnerabilities, from cross-site scripting and cross-site request forgery, to clickjacking Network vulnerabilities, such as man-in-the-middle attacks, SSL-stripping, and DNS poisoning Authentication vulnerabilities, such as brute forcing of credentials with single sign-on or multi-factor authentication Authorization vulnerabilities, such as broken access control and session jacking How to use encryption in web applications Injection attacks, command execution attacks, and remote code execution attacks Malicious payloads that can be used to attack XML parsers and file upload functions
Grokking Web Application Security teaches you how to build web apps that are ready and resilient to any attack. It's laser-focused on what the working programmer needs to know about web security. In it, you'll find practical recommendations for both common and not-so-common vulnerabilities--everything from SQL injection to cross-site scripting inclusion attacks. You'll learn what motivates hackers, discover the latest tools for identifying issues, and set up a development lifecycle that catches problems early. Read it cover to cover for a comprehensive overview of web security, and dip in as a reference whenever you need to tackle a specific vulnerability. Purchase of the print book includes a free eBook in PDF and ePub formats from Manning Publications. About the technology Application security is a front-burner concern for web developers. Whether working on the UI with a frontend framework or building out the server side, it's up to you to understand the threats and know exactly how to keep the black hats from getting the upper hand. About the book Grokking Web Application Security covers everything a working developer needs to know about securing applications in the browser and on the server. The tested techniques apply to any stack and are illustrated with concrete examples plucked from author Malcolm McDonald's extensive career. You'll discover must-implement security principles and even learn the fascinating tools and techniques the bad guys use to crack systems. What's inside A security-first development process Encryption in web applications Supply-chain and API attacks What to do when a hacker gets in About the reader For readers who understand basic web application design and technologies. About the author Malcolm McDonald is a security engineer with 20 years of experience across investment banking, start-ups, and PayPal, and he is the creator of hacksplaining.com. The technical editor on this book was Rajvardhan Oak. Table of Contents PART 1
1 Know your enemy
2 Browser security
3 Encryption
4 Web server security
5 Security as a process
PART 2
6 Browser vulnerabilities
7 Network vulnerabilities
8 Authentication vulnerabilities
9 Session vulnerabilities
10 Authorization vulnerabilities
11 Payload vulnerabilities
12 Injection vulnerabilities
13 Vulnerabilities in third-party code
14 Being an unwitting accomplice
15 What to do when you get hackede
Grokking Web Application Security teaches you how to build web apps that are ready and resilient to any attack. It's laser-focused on what the working programmer needs to know about web security. In it, you'll find practical recommendations for both common and not-so-common vulnerabilities--everything from SQL injection to cross-site scripting inclusion attacks. You'll learn what motivates hackers, discover the latest tools for identifying issues, and set up a development lifecycle that catches problems early. Read it cover to cover for a comprehensive overview of web security, and dip in as a reference whenever you need to tackle a specific vulnerability. Purchase of the print book includes a free eBook in PDF and ePub formats from Manning Publications. About the technology Application security is a front-burner concern for web developers. Whether working on the UI with a frontend framework or building out the server side, it's up to you to understand the threats and know exactly how to keep the black hats from getting the upper hand. About the book Grokking Web Application Security covers everything a working developer needs to know about securing applications in the browser and on the server. The tested techniques apply to any stack and are illustrated with concrete examples plucked from author Malcolm McDonald's extensive career. You'll discover must-implement security principles and even learn the fascinating tools and techniques the bad guys use to crack systems. What's inside A security-first development process Encryption in web applications Supply-chain and API attacks What to do when a hacker gets in About the reader For readers who understand basic web application design and technologies. About the author Malcolm McDonald is a security engineer with 20 years of experience across investment banking, start-ups, and PayPal, and he is the creator of hacksplaining.com. The technical editor on this book was Rajvardhan Oak. Table of Contents PART 1
1 Know your enemy
2 Browser security
3 Encryption
4 Web server security
5 Security as a process
PART 2
6 Browser vulnerabilities
7 Network vulnerabilities
8 Authentication vulnerabilities
9 Session vulnerabilities
10 Authorization vulnerabilities
11 Payload vulnerabilities
12 Injection vulnerabilities
13 Vulnerabilities in third-party code
14 Being an unwitting accomplice
15 What to do when you get hackede
配送方式
-
台灣
- 國內宅配:本島、離島
-
到店取貨:
不限金額免運費
-
海外
- 國際快遞:全球
-
港澳店取:
訂購/退換貨須知
加入金石堂 LINE 官方帳號『完成綁定』,隨時掌握出貨動態:
商品運送說明:
- 本公司所提供的產品配送區域範圍目前僅限台灣本島。注意!收件地址請勿為郵政信箱。
- 商品將由廠商透過貨運或是郵局寄送。消費者訂購之商品若無法送達,經電話或 E-mail無法聯繫逾三天者,本公司將取消該筆訂單,並且全額退款。
- 當廠商出貨後,您會收到E-mail出貨通知,您也可透過【訂單查詢】確認出貨情況。
- 產品顏色可能會因網頁呈現與拍攝關係產生色差,圖片僅供參考,商品依實際供貨樣式為準。
- 如果是大型商品(如:傢俱、床墊、家電、運動器材等)及需安裝商品,請依商品頁面說明為主。訂單完成收款確認後,出貨廠商將會和您聯繫確認相關配送等細節。
- 偏遠地區、樓層費及其它加價費用,皆由廠商於約定配送時一併告知,廠商將保留出貨與否的權利。
提醒您!!
金石堂及銀行均不會請您操作ATM! 如接獲電話要求您前往ATM提款機,請不要聽從指示,以免受騙上當!
退換貨須知:
**提醒您,鑑賞期不等於試用期,退回商品須為全新狀態**
-
依據「消費者保護法」第19條及行政院消費者保護處公告之「通訊交易解除權合理例外情事適用準則」,以下商品購買後,除商品本身有瑕疵外,將不提供7天的猶豫期:
- 易於腐敗、保存期限較短或解約時即將逾期。(如:生鮮食品)
- 依消費者要求所為之客製化給付。(客製化商品)
- 報紙、期刊或雜誌。(含MOOK、外文雜誌)
- 經消費者拆封之影音商品或電腦軟體。
- 非以有形媒介提供之數位內容或一經提供即為完成之線上服務,經消費者事先同意始提供。(如:電子書、電子雜誌、下載版軟體、虛擬商品…等)
- 已拆封之個人衛生用品。(如:內衣褲、刮鬍刀、除毛刀…等)
- 若非上列種類商品,均享有到貨7天的猶豫期(含例假日)。
- 辦理退換貨時,商品(組合商品恕無法接受單獨退貨)必須是您收到商品時的原始狀態(包含商品本體、配件、贈品、保證書、所有附隨資料文件及原廠內外包裝…等),請勿直接使用原廠包裝寄送,或於原廠包裝上黏貼紙張或書寫文字。
- 退回商品若無法回復原狀,將請您負擔回復原狀所需費用,嚴重時將影響您的退貨權益。
商品評價