Skip to main content
SpringerLink
Log in
Apress
Book cover

The Manager's Guide to Web Application Security

A Concise Guide to the Weaker Side of the Web

  • Book
  • © 2014

Overview

Authors:
  1. Ron Lepofsky
    View author publications

    You can also search for this author in PubMed   Google Scholar

  • The Manager's Guide to Web Application Security is a concise, information-packed guide to application security risks every organization faces, written in plain language, with guidance on how to deal with those issues quickly and effectively.

This is a preview of subscription content, log in via an institution to check access.

Access this book

Log in via an institution
eBook USD 79.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book USD 99.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Other ways to access

Licence this eBook for your library

Institutional subscriptions

Table of contents (17 chapters)

  1. Front Matter

    Pages i-xxiv
    Download chapter PDF

  2. Understanding IT Security Risks

    • Ron Lepofsky
    Pages 1-11

  3. Types of Web Application Security Testing

    • Ron Lepofsky
    Pages 13-20

  4. Web Application Vulnerabilities and the Damage They Can Cause

    • Ron Lepofsky
    Pages 21-46

  5. Web Application Vulnerabilities and Countermeasures

    • Ron Lepofsky
    Pages 47-79

  6. How to Build Preventative Countermeasures for Web Application Vulnerabilities

    • Ron Lepofsky
    Pages 81-94

  7. How to Manage Security on Applications Written by Third Parties

    • Ron Lepofsky
    Pages 95-98

  8. Integrating Compliance with Web Application Security

    • Ron Lepofsky
    Pages 99-110

  9. How to Create a Business Case for Web Application Security

    • Ron Lepofsky
    Pages 111-130

  10. Parting Thoughts

    • Ron Lepofsky
    Pages 131-132

  11. COBIT® 5 for Information Security

    • Ron Lepofsky
    Pages 133-145

  12. Experian EI3PA Security Assessment

    • Ron Lepofsky
    Pages 147-159

  13. ISO/IEC 17799:2005 and the ISO/IEC 27000:2014 Series

    • Ron Lepofsky
    Pages 161-163

  14. North American Energy Council Security Standard for Critical Infrastructure Protection (NERC CIP)

    • Ron Lepofsky
    Pages 165-176

  15. NIST 800 Guidelines

    • Ron Lepofsky
    Pages 177-178

  16. Payment Card Industry (PCI) Data Security Standard Template for Report on Compliance for use with PCI DSS v3.0

    • Ron Lepofsky
    Pages 179-196

  17. Sarbanes-Oxley Security Compliance Requirements

    • Ron Lepofsky
    Pages 197-198

  18. Sources of Information

    • Ron Lepofsky
    Pages 199-200

  19. Back Matter

    Pages 201-204
    Download chapter PDF
Back to top

About this book

The Manager's Guide to Web Application Security is a concise, information-packed guide to application security risks every organization faces, written in plain language, with guidance on how to deal with those issues quickly and effectively. Often, security vulnerabilities are difficult to understand and quantify because they are the result of intricate programming deficiencies and highly technical issues. Author and noted industry expert Ron Lepofsky breaks down the technical barrier and identifies many real-world examples of security vulnerabilities commonly found by IT security auditors, translates them into business risks with identifiable consequences, and provides practical guidance about mitigating them.

The Manager's Guide to Web Application Security describes how to fix and prevent these vulnerabilities in easy-to-understand discussions of vulnerability classes and their remediation. For easy reference, the information is also presented schematically in Excel spreadsheets available to readers for free download from the publisher’s digital annex. The book is current, concise, and to the point—which is to help managers cut through the technical jargon and make the business decisions required to find, fix, and prevent serious vulnerabilities.

About the author

Ron Lepofsky is the president of ERE Information Security Auditors, which he founded in 2000. He holds the CISSP and CISM security certifications and a degree in mechanical engineering from the University of Toronto. He has extensive experience managing the web application security audit process, advising senior management on remediating security weaknesses, and translating the technical findings of his auditor teams into actionable terms for management.

Bibliographic Information

  • Book Title: The Manager's Guide to Web Application Security

  • Book Subtitle: A Concise Guide to the Weaker Side of the Web

  • Authors: Ron Lepofsky

  • DOI: https://doi.org/10.1007/978-1-4842-0148-0

  • Publisher: Apress Berkeley, CA

  • eBook Packages: Professional and Applied Computing, Apress Access Books, Professional and Applied Computing (R0)

  • Copyright Information: Ron Lepofsky 2014

  • Softcover ISBN: 978-1-4842-0149-7Published: 19 December 2014

  • eBook ISBN: 978-1-4842-0148-0Published: 26 December 2014

  • Edition Number: 1

  • Number of Pages: XX, 232

  • Number of Illustrations: 11 b/w illustrations

  • Topics: Web Development, Cryptology

Publish with us

Policies and ethics

Back to top

Search

Navigation