Suitable for software developers regardless of platform, language, or type of application, this work outlines the "19 deadly sins" of software security and shows how to fix each one. It covers topics such as: Windows, UNIX, Linux, and Mac OS X C, C++, C#, Java, PHP, Perl, and Visual Basic Web, small client, and smart-client applications.

This essential book for all software developers - regardless of platform, language, or type of application - outlines the "19 deadly sins" of software security and shows how to fix each one. Best-selling authors Michael Howard and David LeBlanc, who teach Microsoft employees how to secure code, have partnered with John Viega, the man who uncovered the 19 deadly programming sins to write this much-needed book. The coverage includes: Windows, UNIX, Linux, and Mac OS X C, C++, C#, Java, PHP, Perl, and Visual Basic Web, small client, and smart-client applications.

Chapter 1: Buffer Overflows
Chapter 2: Format String Problems
Chapter 3: SQL Injection
Chapter 4: Command Injection
Chapter 5: Failure to Handle Errors
Chapter 6: Cross-Site Scripting
Chapter 7: Failing to Protect Network Traffic
Chapter 8: Use of "Magic" URLs and Hidden Forms
Chapter 9: Improper Use of SSL
Chapter 10: Use of Weak Password-Based Systems
Chapter 11: Failing to Store Data Securely
Chapter 12: Hard Coding Secrets
Chapter 13: Improper File Access
Chapter 14: Integer Range Errors
Chapter 15: Trusting Network Address Information
Chapter 16: Signal Race Conditions
Chapter 17: Unauthenticated Key Exchange
Chapter 18: Failing to Use Cryptographically Strong Random Numbers
Chapter 19: Poor Usability.