- Full Description
The Manager's Guide to Web Application Security is a concise, information-packed guide to the application security risks every organization faces, written in plain language, with guidance on how to deal with those issues quickly and effectively. Security vulnerabilities are often difficult to understand and quantify because they are the result of intricate programming deficiencies and highly technical issues. Author and noted industry expert Ron Lepofsky breaks down the technical barrier, identifies many real-life examples of security vulnerabilities commonly found by IT security auditors, translates them into business risks with identifiable consequences, and provides practical guidance about mitigating them.
The book describes how to fix and prevent these vulnerabilities in a chart format. The book is current, concise, and to the point and helps separate technical jargon from the decisions required to find, fix, and prevent serious vulnerabilities.
• Identifies in crystal clear chart form current vulnerabilities, how to fix them, and their risk.
• Explains how to prevent vulnerabilities from occurring in the first place.
• Glossary translates technical jargon into real-world business impacts and explains the relevance.
What you'll learn
- Executives – quickly comprehend what the application security team is saying in terms of risk and remediation.
- Security experts – understand how to express threats in terms of business risk to executives.
- Immediately see what vulnerabilities are currently relevant, by vulnerability class and by risk.
- Decide what type of security audit is required for your environment since there are several choices.
- Start the planning and budgeting process for preventing future vulnerabilities.
- Get a half-hour consultation from the author at a significantly discounted rate of $30 (normally $250), as a purchaser of the book, ASAP.
Who this book is for
The Manager's Guide to Web Application Security is written for senior executives who have to make business decisions about managing the risk of web applications.
- Table of Contents
1. Understanding IT Security Risks
2. Types of Web Application Security Audits
3. Web Application Vulnerabilities and the Damage They Can Cause
4. Web Application Vulnerabilities and Their Remediation
5. Summary of Vulnerability Classes and Remediation Table
6. How to Prevent Web Application Vulnerabilities
7. How to Manage Application Security Written by Third Parties
8. Integrating Compliance with Web Application Security
9. How to Create a Business Case Cost Justifying Web Application Security
10. Parting Thoughts
A. COBIT5 IT Security
B. Experian EI3PA Security Audit Standard
C. ISO 17799:2005 and ISO / IEC 27000 Series
D. NERC CIP North American Energy Council Security Standard for Critical Infrastructure Protection (CIP)
E. NIST 800 Guidelines
F. PCI DSS by PCI Standards Organization
G. Sarbanes-Oxley Security Requirements
H. Sources of Information
No errata are currently published.