Security Basics mailing list archives
Re: Question about a book
From: "Sheldon Malm" <smalm () ncircle com>
Date: Fri, 4 Jan 2008 14:19:31 -0800
SANS has excellent course ware and I would recommend "How to break web software"

--------------------------
Sheldon Malm
Director Security Research and Development
nCircle VERT

Sent from my BlackBerry Wireless Handheld

----- Original Message -----
From: listbounce () securityfocus com <listbounce () securityfocus com>
To: Worrell, Brian <BWorrell () isdh IN gov>
Cc: security-basics () securityfocus com <security-basics () securityfocus com>
Sent: Fri Jan 04 09:25:11 2008
Subject: Re: Question about a book

I would skip the book if you are going to do risk assessment instead of application assessments... A better guide would likely be the high level OWASP stuff at http://www.owasp.org.

---
Brent Huston, CHS-III
Security Evangelist & CEO
http://www.microsolved.com
Assessments, Application/Device Security & HoneyPoint

On Jan 4, 2008, at 8:24 AM, Worrell, Brian wrote:
Has anyone read the book "The Web Application Hacker's Handbook Discovering and Exploiting Security Flaws"? If so, what do you think about it?

Soon I will have to do Risk Assessments of our Web Applications that we are going to deploy, and need something that would help me when it comes to the most common tests or vulnerabilities.

Knowing that there are many options, if this book is not very good, does anyone else know of a resource for Web App assessments?

Thank you,
Brian Worrell
Information Security Manager and Security Officer
Office of HIPAA Compliance
Indiana State Department of Health
2 North Meridian Street
Indianapolis, IN 46204
o: (317) 233-4945
Current thread:
- Question about a book Worrell, Brian (Jan 04)
- Re: Question about a book Brent Huston (Jan 04)
- Re: Question about a book Bipin Upadhyay (Jan 07)
- <Possible follow-ups>
- Re: Question about a book Sheldon Malm (Jan 04)
- Re: Question about a book Brent Huston (Jan 04)