Offers for "Assessment" (26 results)

The Art of Software Security Assessment
€ 50.99 *
plus shipping where applicable

Computer software is an integral part of modern society. Companies rely on applications to manage client information, payment data, and inventory tracking. Consumers use software for a variety of different reasons as well--to manage their daily lives, to communicate with friends and family, and to browse resources made available on the internet, to name a few. With such a heavy reliance on software in our society, questions surrounding the security of the pieces of software performing these various tasks begin to arise. Is the software we are using really secure? How can we verify that it is? And what are the implications of a particular application being compromised? These are some of the questions that this book attempts to address. This book sheds light on the theory and practice of code auditing--how to rip apart an application and discover security vulnerabilities, whether they be simple or subtle, and how to assess the danger that each vulnerability represents.

Product Description

"There are a number of secure programming books on the market, but none that go as deep as this one. The depth and detail exceeds all books that I know about by an order of magnitude." -Halvar Flake, CEO and head of research, SABRE Security GmbH

The Definitive Insider's Guide to Auditing Software Security

This is one of the most detailed, sophisticated, and useful guides to software security auditing ever written. The authors are leading security consultants and researchers who have personally uncovered vulnerabilities in applications ranging from sendmail to Microsoft Exchange, Check Point VPN to Internet Explorer. Drawing on their extraordinary experience, they introduce a start-to-finish methodology for "ripping apart" applications to reveal even the most subtle and well-hidden security flaws. The Art of Software Security Assessment covers the full spectrum of software vulnerabilities in both UNIX/Linux and Windows environments. It demonstrates how to audit security in applications of all sizes and functions, including network and Web software. Moreover, it teaches using extensive examples of real code drawn from past flaws in many of the industry's highest-profile applications.

Coverage includes:
- Code auditing: theory, practice, proven methodologies, and secrets of the trade
- Bridging the gap between secure software design and post-implementation review
- Performing architectural assessment: design review, threat modeling, and operational review
- Identifying vulnerabilities related to memory management, data types, and malformed data
- UNIX/Linux assessment: privileges, files, and processes
- Windows-specific issues, including objects and the filesystem
- Auditing interprocess communication, synchronization, and state
- Evaluating network software: IP stacks, firewalls, and common application protocols
- Auditing Web applications and technologies

This book is an unprecedented resource for everyone who must deliver secure software or assure the safety of existing software: consultants, security specialists, developers, QA staff, testers, and administrators alike.

Contents
- ABOUT THE AUTHORS
- PREFACE
- ACKNOWLEDGMENTS
- I Introduction to Software Security Assessment
  - 1 SOFTWARE VULNERABILITY FUNDAMENTALS
  - 2 DESIGN REVIEW
  - 3 OPERATIONAL REVIEW
  - 4 APPLICATION REVIEW PROCESS
- II Software Vulnerabilities
  - 5 MEMORY CORRUPTION
  - 6 C LANGUAGE ISSUES
  - 7 PROGRAM BUILDING BLOCKS
  - 8 STRINGS AND METACHARACTERS
  - 9 UNIX I: PRIVILEGES AND FILES
  - 10 UNIX II: PROCESSES
  - 11 WINDOWS I: OBJECTS AND THE FILE SYSTEM
  - 12 WINDOWS II: INTERPROCESS COMMUNICATION
  - 13 SYNCHRONIZATION AND STATE
- III Software Vulnerabilities in Practice
  - 14 NETWORK PROTOCOLS
  - 15 FIREWALLS
  - 16 NETWORK APPLICATION PROTOCOLS
  - 17 WEB APPLICATIONS
  - 18 WEB TECHNOLOGIES
- BIBLIOGRAPHY
- INDEX

Seller: buecher.de
As of: Oct 13, 2018

Data Analytics in Professional Soccer
€ 48.99 *
plus shipping where applicable

Daniel Link explores how data analytics can be used for studying performance in soccer. Based on spatiotemporal data from the German Bundesliga, the six individual studies in this book present innovative mathematical approaches for game analysis and player assessment. The findings can support coaches and analysts to improve performance of their athletes and inspire other researchers to advance the research field of sports analytics.

Seller: buecher.de
As of: Sep 25, 2018

Security and Trust Management
€ 46.99 *
plus shipping where applicable

This book constitutes the proceedings of the 14th International Workshop on Security and Trust Management, STM 2018, held in Barcelona, Spain, in September 2018, and co-located with the 23rd European Symposium on Research in Computer Security, ESORICS 2018. The 8 full papers were carefully reviewed and selected from 28 submissions. The focus of the workshop was on the following topics: cryptosystems and applied cryptography; modeling and risk assessment; and trust computing.

Seller: buecher.de
As of: Oct 7, 2018

Exam 65 Official Cert Guide Library
€ 37.99 *
plus shipping where applicable

The new edition of the bestselling CCNA Cert Library by Wendell Odom is a comprehensive review and practice package for the latest CCNA exams. The two books contained in this package, CCENT/CCNA ICND1 Official Cert Guide and CCNA ICND2 Official Cert Guide, present complete reviews and a more challenging and realistic preparation experience. The books will be fully updated to cover the latest CCNA exam topics. The companion DVDs contain the powerful Pearson IT Certification Practice Test engine, complete with hundreds of well-reviewed, exam-realistic questions. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. This new edition also includes a free copy of the CCNA Network Simulator Lite edition complete with meaningful lab exercises, which help you hone your hands-on skills with the Cisco user interface for routers and switches. The DVDs also contain more than 60 minutes of personal video mentoring from the author focused on subnetting. Well-regarded for their level of detail, assessment features, and challenging review questions and exercises, these official study guides help you master the concepts and techniques that will enable you to succeed on the exam the first time.

This package includes the following two products:
1. CCENT/CCNA ICND1 Official Cert Guide
2. CCNA ICND2 Official Cert Guide

Seller: buecher.de
As of: Oct 16, 2018

Automotive SPICE(TM) in der Praxis
€ 46.90 *
plus shipping where applicable

Automotive SPICE is an assessment model that is compatible with ISO/IEC 15504 and tailored specifically to the automotive industry. The challenge in introducing and implementing Automotive SPICE lies in interpreting the standard correctly and adapting it to a concrete problem. This book provides the interpretation aids needed for this and helps readers carry out process improvement in conformance with Automotive SPICE. It provides uniform assessment criteria. The structure of the book follows the structure of the standard. The 2nd edition has been updated to Automotive SPICE 3.0 and expanded with current topics such as practical assessments according to intacs(TM) and VDA requirements, challenges in process improvement, agile development, and functional safety according to ISO 26262.

Seller: buecher.de
As of: Sep 25, 2018

CCNP Routing and Switching v2.0 Official Cert G...
€ 166.99 *
plus shipping where applicable

The new edition of the bestselling CCNP Routing and Switching Official Cert Library is a comprehensive review and practice package for the latest CCNP Routing and Switching exams. The three books contained in this package, CCNP ROUTE Official Cert Guide, CCNP SWITCH Official Cert Guide, and CCNP TSHOOT Official Cert Guide, present complete reviews and a more challenging and realistic preparation experience. The books will be fully updated to cover the latest CCNP exam topics.

Product Description

The new edition of the bestselling CCNP Routing and Switching Official Cert Library is a comprehensive review and practice package for the latest CCNP Routing and Switching exams. The three books contained in this package, CCNP Routing and Switching ROUTE 300-101 Official Cert Guide, CCNP Routing and Switching SWITCH 300-115 Official Cert Guide, and CCNP Routing and Switching TSHOOT 300-135 Official Cert Guide, present complete reviews and a more challenging and realistic preparation experience. The books will be fully updated to cover the latest CCNP exam topics. The companion DVDs contain the powerful Pearson IT Certification Practice Test engine, complete with hundreds of well-reviewed, exam-realistic questions. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. The DVDs also each contain more than 60 minutes of personal video mentoring from the author. Well-regarded for their level of detail, assessment features, and challenging review questions and exercises, these official study guides help you master the concepts and techniques that will enable you to succeed on the exam the first time.

Features + Benefits
- Revised editions of the #1 selling CCNP preparation self-study guides in a value-priced bundle
- Book content is fully updated to align to the new CCNP exam objectives
- Books and CDs are packed with features to help candidates master more difficult testing methods on the actual exams
- Practice tests contain exam-realistic questions that closely mimic the difficulty of the actual exam
- Includes supplemental video training
- In-depth expert explanations of all protocols, commands, and technologies on the CCNP exams

Seller: buecher.de
As of: Oct 18, 2018

Resilience of Cyber-Physical Systems
€ 107.99 *
plus shipping where applicable

This book addresses the latest approaches to holistic Cyber-Physical System (CPS) resilience in real-world industrial applications. Ensuring the resilience of CPSs requires cross-discipline analysis and involves many challenges and open issues, including how to address evolving cyber-security threats. The book describes emerging paradigms and techniques from two main viewpoints: CPSs' exposure to new threats, and CPSs' potential to counteract them. Further, the chapters address topics ranging from risk modeling to threat management and mitigation. The book offers a clearly structured, highly accessible resource for a diverse readership, including graduate students, researchers and industry practitioners who are interested in evaluating and ensuring the resilience of CPSs in both the development and assessment stages. Foreword by Prof. Shiyan Hu, Chair of Cyber-Physical Systems at Linnaeus University, Sweden.

Seller: buecher.de
As of: Oct 13, 2018

Testen in Scrum-Projekten
€ 34.90 *
plus shipping where applicable

Software development today is carried out using agile methods. Software testing and agile software quality assurance play a decisive part in whether a team, a software department or an entire company succeeds with agile development over the long term and thus achieves the hoped-for benefits. This book gives a practice-oriented overview of the most widely used testing methods and practices as well as management instruments in agile projects. Development managers, project managers, test managers and quality managers receive guidance and tips on how testing and quality assurance must be organized so that they do not lose their effectiveness in agile projects. Professional testers and software quality experts learn how to work successfully in agile teams and make the best use of their particular expertise.

From the contents:
- Agile and classical process models
- Planning in agile projects
- Unit tests, test first
- Integration tests, continuous integration
- System tests, test nonstop
- Quality management, quality assurance

Case studies, a continuous worked example, and exercises and check questions for self-assessment round off the content. The book follows the ISTQB® Certified Tester - Foundation Level Extension Syllabus "Agile Tester". It is equally suitable for self-study and as accompanying literature for the corresponding training courses. The 2nd edition has been completely revised and conforms to the ISTQB® syllabus version 2014.

"The book is highly recommended." Harry Sneed on the 1st edition

Seller: buecher.de
As of: Sep 25, 2018

The Shellcoder's Handbook
€ 28.99 *
plus shipping where applicable

- This much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or application
- New material addresses the many new exploitation techniques that have been discovered since the first edition, including attacking "unbreakable" software packages such as McAfee's Entercept, Mac OS X, XP, Office 2003, and Vista
- Also features the first-ever published information on exploiting Cisco's IOS, with content that has never before been explored
- The companion Web site features downloadable code files

The black hats have kept up with security enhancements. Have you? In the technological arena, three years is a lifetime. Since the first edition of this book was published in 2004, built-in security measures on compilers and operating systems have become commonplace, but are still far from perfect. Arbitrary-code execution vulnerabilities still allow attackers to run code of their choice on your system--with disastrous results. In a nutshell, this book is about code and data and what happens when the two become confused. You'll work with the basic building blocks of security bugs--assembler, source code, the stack, the heap, and so on. You'll experiment, explore, and understand the systems you're running--and how to better protect them.

* Become familiar with security holes in Windows, Linux, Solaris, Mac OS X, and Cisco's IOS
* Learn how to write customized tools to protect your systems, not just how to use ready-made ones
* Use a working exploit to verify your assessment when auditing a network
* Use proof-of-concept exploits to rate the significance of bugs in software you're developing
* Assess the quality of purchased security products by performing penetration tests based on the information in this book
* Understand how bugs are found and how exploits work at the lowest level

Seller: buecher.de
As of: Oct 4, 2018

SafeScrum® - Agile Development of Safety-Critic...
€ 53.99 *
plus shipping where applicable

This book addresses the development of safety-critical software and to this end proposes the SafeScrum® methodology. SafeScrum® was inspired by the agile method Scrum, which is extensively used in many areas of the software industry. Scrum is, however, not intended or designed for use with safety-critical systems; hence the authors propose guidelines and additions to make it both practically useful and compliant with the additional requirements found in safety standards. The book provides an overview of agile software development and how it can be linked to safety and relevant safety standards. SafeScrum® is described in detail as a useful approach for reaping the benefits of agile methods, and is intended as a set of ideas and a basis for adaptation in industry projects. The book covers roles, processes and practices, and documentation. It also includes tips on how standard software process tools can be employed. Lastly, some insights into relevant research in this new and emerging field are provided, and selected real-world examples are presented. The ideas and descriptions in this book are based on collaboration with the industry, in the form of discussions with assessment organizations, general discussions within the research fields of safety and software, and last but not least, the authors' own experiences and ideas. It was mainly written for practitioners in industry who know a great deal about how to produce safety-critical software but less about agile development in general and Scrum in particular.

Seller: buecher.de
As of: Oct 2, 2018