Abstract: Developer's Guide to Web Application Security is a must-read book for software developers of web applications, be it e-Marketing, e-Business, e-Healthcare, e-Banking or e-Trading. It is well established that most of the cyber attacks / crimes targeted against specific systems are aimed at the web application itself, and not at the operating system or computer network. However, most security technologies and practices have traditionally been aimed at the operating system and the network. They give less focus to the custom-developed software that runs the web application, which is most vulnerable to undesirable acts / crimes by an intruder.
The author emphasizes why web application security should be addressed earlier in the Software Development Life Cycle (SDLC). The book also touches upon how quality assurance differs from other types of Internet security issues. The author has also examined the procedures and technologies that are essential to development and penetration testing. This book thus provides a pathway to develop and deliver / release a well-secured web application.
The author explains the prolific methods used by hackers to carry out cyber attacks. They use common vulnerabilities such as SQL Injection, Cross-Site Scripting and Buffer Overflows in the application layer. You should read this book twice to get the right motivation and roadmap for developing and delivering secure web application software.
Contact : Dr Sarbjit Singh, PhD
drsarbjit@gmail.com