application security books

In the age of information and network, computers are playing an increasingly important role in our work and life. More and more users use computers to obtain and process information, and store their most important information in the form of data files. Some people describe that the Internet is like the most free world. Here you can use your imagination to create a small world of your own, but if we lack the minimum security means in our network, where

rigorous enough in the website architecture design process, and almost every website has vulnerabilities, there is a lack of effective monitoring measures, and there is a lack of necessary basic protection measures. Starting from the three aspects of security: security, reliability and availability requirements, as well as national and industry requirements, the following problems need to be solved: 1. Eff

Absrtact: This paper asp.net the concept of application security, introduces various secure communication technologies and compares them. Keywords: Secure communications SSL IPSec RPC asp.net web application 1. Foreword Any successful application security policy is based on

Some of our commonly used network applications, such as e-commerce, are implemented at the network application layer. So how can we ensure security in the application layer protocol? In this regard, we will mainly discuss the SET protocol. First, let's take a look at the security protocol environment on the Internet. I

Neusoft's new series of NISG security gateways integrate firewall, VPN, anti-virus, spam filtering, IPS intrusion defense, and WEB application filtering. The product model covers all users in the high school and low end. There are many technical highlights of the NISG series. This article only lists the nine most distinctive application skills that are most popul

brings a poor user experience, the replacement of IP is a frequent thing, such as work and home is 2 IP, So this approach is often not used. So cookie-based attack patterns are now very popular, and in some Web 2.0 sites it's easy to get an application's administrator status.How can we protect our sensitive cookies? Through the above analysis, the general cookie is obtained from the document object, we just let the sensitive cookie browser document is not visible on the line. Fortunately, now t

1. Introduction to the ASP. NET application Resource Access Security Model ASP.. net web applications generally belong to multi-layer architecture. Generally, they can be divided into presentation layer, business logic layer, and data access layer. The client needs to access application resources, its identity authentication and authorization must go beyond multi

Reading feeds By default, you can only use a native instance of Visual Studio 2005 to manage security credentials in a SQL Server database that is published with ASP.net 2.0. This article will show you how to use a Web service to wrap a asp.net 2.0 provider and expand this management capability by using a Windows Form application to manage the voucher store. Today, both the Internet and intranet programs g

Q: A colleague from an enterprise recently told me about their application testing process and how comprehensive the test was, they also conduct network penetration tests on application systems to ensure comprehensive security. I think it sounds like a waste of time and resources. Do you agree with me? Is network penetration testing good for

What is Application security? Application security is the security of network applications, these applications include: credit card number, confidential information, user files and other information. So what is the difficulty in protecting these applications from malicious a

Digital Certificate and Its Application in Security Testing0x00 background To perform security tests on the Web layer, it is inevitable that a man-in-the-middle proxy will be used to capture packets for analysis. Common tools include BurpSuit, Fiddker, and Charles. The usage of these tools has been described on the Internet. I will not go into details here. Howev

Springcloud security settings for application Configuration Center ConfigIn Springcloud application development, in order to facilitate the online management of our configuration files, usually with a configuration center config-server, which hosts some of the application's configuration files, these profiles are configured with many of our account information: M

We know that unlike traditional Web applications, Web 2.0 applications are typically built on Ajax and interactive Web services, a technology that transforms security professionals into new security challenges. First, Introduction This article provides security professionals with a detailed description of the methods, tools, and techniques used to analyze Web2.

For Web application developers, performance and security are like two swords in their hearts. Web applications are particularly vulnerable to attacks because of the specificity of their users. The author takes Asp.net+visualstudio as an example to discuss how to effectively deal with Web application security threats.

level, or the full certification level, then vote in favor.If there is a security object attribute that requires anonymous authentication and is currently in an anonymous authentication level, or if you remember my authentication level, or the full certification level, then vote in favor.If the polling device supports at least one securable object property, and the current security level does not meet the

Mobile app security threats are mainly local security, such as remote control, application cracking, information theft, and so on, most people have not paid attention to the security issues of the app server, but there are many security vulnerabilities in this block.mobile a

I believe we all have heard more or less about various Web application security vulnerabilities, such as: Cross-site scripting attacks (XSS), SQL injection, uploading vulnerabilities ... Various. Here I do not deny all kinds of naming and classification methods, also do not evaluate the rationality of its naming or not, I want to tell you that all kinds of security