
The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities (Volume 1 of 2) 1st Edition

4.4 out of 5 stars, 61 ratings

“There are a number of secure programming books on the market, but none that go as deep as this one. The depth and detail exceeds all books that I know about by an order of magnitude.”

–Halvar Flake, CEO and head of research, SABRE Security GmbH

 

Note: This is now a 2 volume set which is shrink wrapped. 

 

The Definitive Insider’s Guide to Auditing Software Security

 

This is one of the most detailed, sophisticated, and useful guides to software security auditing ever written. The authors are leading security consultants and researchers who have personally uncovered vulnerabilities in applications ranging from sendmail to Microsoft Exchange, Check Point VPN to Internet Explorer. Drawing on their extraordinary experience, they introduce a start-to-finish methodology for “ripping apart” applications to reveal even the most subtle and well-hidden security flaws.

 

The Art of Software Security Assessment covers the full spectrum of software vulnerabilities in both UNIX/Linux and Windows environments. It demonstrates how to audit security in applications of all sizes and functions, including network and Web software. Moreover, it teaches using extensive examples of real code drawn from past flaws in many of the industry's highest-profile applications.

 

Coverage includes

 

• Code auditing: theory, practice, proven methodologies, and secrets of the trade

• Bridging the gap between secure software design and post-implementation review

• Performing architectural assessment: design review, threat modeling, and operational review

• Identifying vulnerabilities related to memory management, data types, and malformed data

• UNIX/Linux assessment: privileges, files, and processes

• Windows-specific issues, including objects and the filesystem

• Auditing interprocess communication, synchronization, and state

• Evaluating network software: IP stacks, firewalls, and common application protocols

• Auditing Web applications and technologies

 

This book is an unprecedented resource for everyone who must deliver secure software or assure the safety of existing software: consultants, security specialists, developers, QA staff, testers, and administrators alike.

 

Contents

ABOUT THE AUTHORS     xv

PREFACE     xvii

ACKNOWLEDGMENTS    xxi

I Introduction to Software Security Assessment

1 SOFTWARE VULNERABILITY FUNDAMENTALS    3

2 DESIGN REVIEW     25

3 OPERATIONAL REVIEW    67

4 APPLICATION REVIEW PROCESS    91

II Software Vulnerabilities

5 MEMORY CORRUPTION    167

6 C LANGUAGE ISSUES     203

7 PROGRAM BUILDING BLOCKS     297


Computer software is an integral part of modern society. Companies rely on applications to manage client information, payment data, and inventory tracking. Consumers use software for a variety of different reasons as well--to manage their daily lives, to communicate with friends and family, and to browse resources made available on the internet, to name a few. With such a heavy reliance on software in our society, questions surrounding the security of the pieces of software performing these various tasks begin to arise. Is the software we are using really secure? How can we verify that it is? And what are the implications of a particular application being compromised? These are some of the questions that this book attempts to address. This book sheds light on the theory and practice of code auditing--how to rip apart an application and discover security vulnerabilities.


Editorial Reviews

From the Back Cover

“There are a number of secure programming books on the market, but none that go as deep as this one. The depth and detail exceeds all books that I know about by an order of magnitude.”

–Halvar Flake, CEO and head of research, SABRE Security GmbH

 

The Definitive Insider’s Guide to Auditing Software Security

 

This is one of the most detailed, sophisticated, and useful guides to software security auditing ever written. The authors are leading security consultants and researchers who have personally uncovered vulnerabilities in applications ranging from sendmail to Microsoft Exchange, Check Point VPN to Internet Explorer. Drawing on their extraordinary experience, they introduce a start-to-finish methodology for “ripping apart” applications to reveal even the most subtle and well-hidden security flaws.

 

The Art of Software Security Assessment covers the full spectrum of software vulnerabilities in both UNIX/Linux and Windows environments. It demonstrates how to audit security in applications of all sizes and functions, including network and Web software. Moreover, it teaches using extensive examples of real code drawn from past flaws in many of the industry's highest-profile applications.

 

Coverage includes

 

• Code auditing: theory, practice, proven methodologies, and secrets of the trade

• Bridging the gap between secure software design and post-implementation review

• Performing architectural assessment: design review, threat modeling, and operational review

• Identifying vulnerabilities related to memory management, data types, and malformed data

• UNIX/Linux assessment: privileges, files, and processes

• Windows-specific issues, including objects and the filesystem

• Auditing interprocess communication, synchronization, and state

• Evaluating network software: IP stacks, firewalls, and common application protocols

• Auditing Web applications and technologies

 

This book is an unprecedented resource for everyone who must deliver secure software or assure the safety of existing software: consultants, security specialists, developers, QA staff, testers, and administrators alike.

 

Contents

ABOUT THE AUTHORS     xv

PREFACE     xvii

ACKNOWLEDGMENTS    xxi

I Introduction to Software Security Assessment

1 SOFTWARE VULNERABILITY FUNDAMENTALS    3

2 DESIGN REVIEW     25

3 OPERATIONAL REVIEW    67

4 APPLICATION REVIEW PROCESS    91

II Software Vulnerabilities

5 MEMORY CORRUPTION    167

6 C LANGUAGE ISSUES     203

7 PROGRAM BUILDING BLOCKS     297

8 STRINGS AND METACHARACTERS    387

9 UNIX I: PRIVILEGES AND FILES     459

10 UNIX II: PROCESSES     559

11 WINDOW

About the Author

Mark Dowd is a principal security architect at McAfee, Inc. and an established expert in the field of application security. His professional experience includes several years as a senior researcher at Internet Security Systems (ISS) X-Force, and the discovery of a number of high-profile vulnerabilities in ubiquitous Internet software. He is responsible for identifying and helping to address critical flaws in Sendmail, Microsoft Exchange Server, OpenSSH, Internet Explorer, Mozilla (Firefox), Checkpoint VPN, and Microsoft’s SSL implementation. In addition to his research work, Mark presents at industry conferences, including Black Hat and RUXCON.

 

John McDonald is a senior consultant with Neohapsis, where he specializes in advanced application security assessment across a broad range of technologies and platforms. He has an established reputation in software security, including work in security architecture and vulnerability research for NAI (now McAfee), Data Protect GmbH, and Citibank. As a vulnerability researcher, John has identified and helped resolve numerous critical vulnerabilities, including issues in Solaris, BSD, Checkpoint FireWall-1, OpenSSL, and BIND.

 

Justin Schuh is a senior consultant with Neohapsis, where he leads the Application Security Practice. As a senior consultant and practice lead, he performs software security assessments across a range of systems, from embedded device firmware to distributed enterprise web applications. Prior to his employment with Neohapsis, Justin spent nearly a decade in computer security activities at the Department of Defense (DoD) and related agencies. His government service includes a role as a lead researcher with the National Security Agency (NSA) penetration testing team–the Red Team.

Product details

  • Publisher: Addison-Wesley Professional; 1st edition (January 1, 2006)
  • Language: English
  • Paperback: 1174 pages
  • ISBN-10: 0321444426
  • ISBN-13: 978-0321444424
  • Item Weight: 2 pounds
  • Dimensions: 7 x 2 x 9 inches
  • Customer Reviews: 4.4 out of 5 stars, 61 ratings


Customer reviews

4.4 out of 5 stars
61 global ratings

Top reviews from the United States

Reviewed in the United States on July 4, 2016
This book is by far the most detailed and example heavy book on the topic I've read. The main book is about 1123 pages, but once you get into the meat of the book, there's examples and diagrams on almost every other page, sometimes even every page. The great thing about this is if you're impatient, you could skip examples. However, I wouldn't recommend this because every example goes into some new level of depth, and they often come from real software. The only thing you need to be aware of is you should have moderate understanding of C programming, and basic knowledge of ASM. If you don't, they do a good job to explain it, but it might be difficult to follow.
8 people found this helpful
Reviewed in the United States on September 29, 2016
Very interesting text that works through the steps in software vulnerability analysis. Not good for a beginner as it assumes proficiency with programming, but that's to be expected for the subject matter. Having developed code for in-house use, I haven't been too concerned with secure coding in the past. This was very interesting reading, IMO. By the way, I ordered it from Amazon directly first. The recent version is broken up into two volumes of about 600 pages each. I received only volume 2 first round and was told my best option was to return it and buy from another seller as they couldn't ship me just the first volume. Good luck.
2 people found this helpful
Reviewed in the United States on September 9, 2018
The book is without a doubt crucial for anyone doing software security audits. The binding was horrible and started falling apart on the bottom 2 inches of both books. I used glue to fix it. But seriously fix your binding. There's no good reason for bad binding like this coming from a major publisher like AW.
One person found this helpful
Reviewed in the United States on May 10, 2016
The book itself is great. However, when I ordered this book on amazon, I only received 1 of 2 volumes. In addition, the cover suggested it was the first volume but the book was actually volume 2. Appears that the publisher messed up when they printed the book leading to overall chaos and confusion.
7 people found this helpful
Reviewed in the United States on August 28, 2013
I bought the Kindle version of this so that I could read on-the-go, and I have to say that in some places the formatting makes it hard to follow in the examples. The hard copy is much better, although significantly less portable. I'd recommend the hard copy, given the choice between the two.
9 people found this helpful
Reviewed in the United States on June 29, 2012
This book is still one of the best books on the subject, and you won't regret buying it if you work with information security or care about secure development.
Reviewed in the United States on August 9, 2017
I also only received the 1st volume. I am super disappointed because the book is great but it seems the publisher really messed up on a recent publication.
3 people found this helpful
Reviewed in the United States on April 19, 2013
The book is big and the texts are clear. There are good reviews about this book and it was recommended in the Black Hat course.

Top reviews from other countries

Rick T
5.0 out of 5 stars Great
Reviewed in Canada on September 4, 2018
Great
Jack OATMON
5.0 out of 5 stars Very good book, but strange edition
Reviewed in France on May 8, 2019
I am not going to comment on the content of the book, which is in any case a reference for its target audience, but on this edition. The book was split into 2 volumes by Addison-Wesley, but it seems that some books labeled "Volume 1 of 2" are in fact... complete.
As proof, I ordered it and received "Volume 2 of 2", which starts at page 559 (chapter 10); then, after a return and a new order, this time I received "Volume 1 of 2", which does start at the beginning and contains the entire content (so about 1200 pages). Both volumes have the same ISBN.
The problem has been reported to Amazon. So be careful!
Sachin
4.0 out of 5 stars Great Book! Great service by amazon.
Reviewed in India on May 6, 2017
Great content consolidated together in two volumes.
Examples are based on conventional technologies which are easy to relate with. I liked the Threat Modelling section particularly.
Felipe M. Lalli
3.0 out of 5 stars Too long and wide
Reviewed in Brazil on July 18, 2015
Not so objective, too open, wide, slow, big, confusing, repetitive etc, do you know what I am saying? Oh Yes?
Russell Willis
5.0 out of 5 stars "THE" secure software book!
Reviewed in the United Kingdom on March 31, 2016
As I work in the software security industry I took it upon myself to get this book and go through it thoroughly, what an experience. This book will both scare you and reassure you. Scare you with just how insecure software can be and the ramifications of such software. Reassure you that it is indeed possible to build robust and secure software, or more secure software :)
If you are in any way linked to the software security industry, i.e. work in it or just have an interest, then I can't recommend this book highly enough, I could go into details of each chapter, but you're better getting it and reading it for yourself. Be warned though, it is a mighty tome and requires time and effort, but you will be richly rewarded and much better off for the experience.
One person found this helpful