Where to get good security advice?

Thread view:

Enable EMail Alerts

Start New Thread

Thread rating:

Mad_Gerbil - 06 Jan 2006 21:23 GMT

I'm reading O'Reilly's .NET Security right now and it is very informative.
The book is filling me in on the various classes in the Security namespace
and teaching me the very basics on how to use it.

Once I'm done with that book; however, I'd like to read something a bit more
along the lines of applying the knowledge I've gained.

Right now I'm looking for a book that describes an attack someone might
perform on a .NET program (particularly a desktop application) and then the
sort of code I'd use to protect against the described attack. I see in
various threads and literature where attacks are mentioned by name but nobody
describes how they are accomplished and what the appropriate counter would be.

Any suggested books or papers that address this along the lines of:

1: Here is the attack.
2: Here is how it works.
3: Here is how to program to avoid it.

Thanks in advance,
MG

Reply to this Message

Jas - 08 Jan 2006 04:35 GMT

I don't know of one specifically for rich application written in .NET. But
for the most part the attacks which apply to such apps is a subset of the
attacks that apply to any rich application. There are a bunch of books in
that space: Writing Secure Code, The 19 Deadly Sins of Software Security,
Exploiting Software: How to Break Code...

That's just a short list to get you started. You can probably find reviews
for them online.

jas

> I'm reading O'Reilly's .NET Security right now and it is very informative.
> The book is filling me in on the various classes in the Security namespace
[quoted text clipped - 17 lines]
> Thanks in advance,
> MG

Reply to this Message

Where to get good security advice?

Free Magazines