Items related to The CERT C Secure Coding Standard (SEI Series in Software...
Synopsis
“I’m an enthusiastic supporter of the CERT Secure Coding Initiative. Programmers have lots of sources of advice on correctness, clarity, maintainability, performance, and even safety. Advice on how specific language features affect security has been missing. The CERT® C Secure Coding Standard fills this need.”
–Randy Meyers, Chairman of ANSI C
“For years we have relied upon the CERT/CC to publish advisories documenting an endless stream of security problems. Now CERT has embodied the advice of leading technical experts to give programmers and managers the practical guidance needed to avoid those problems in new applications and to help secure legacy systems. Well done!”
–Dr. Thomas Plum, founder of Plum Hall, Inc.
“Connectivity has sharply increased the need for secure, hacker-safe applications. By combining this CERT standard with other safety guidelines, customers gain all-round protection and approach the goal of zero-defect software.”
–Chris Tapp, Field Applications Engineer, LDRA Ltd.
“I’ve found this standard to be an indispensable collection of expert information on exactly how modern software systems fail in practice. It is the perfect place to start for establishing internal secure coding guidelines. You won’t find this information elsewhere, and, when it comes to software security, what you don’t know is often exactly what hurts you.”
–John McDonald, coauthor of The Art of Software Security Assessment
Software security has major implications for the operations and assets of organizations, as well as for the welfare of individuals. To create secure software, developers must know where the dangers lie. Secure programming in C can be more difficult than even many experienced programmers believe.
This book is an essential desktop reference documenting the first official release of The CERT® C Secure Coding Standard. The standard itemizes those coding errors that are the root causes of software vulnerabilities in C and prioritizes them by severity, likelihood of exploitation, and remediation costs. Each guideline provides examples of insecure code as well as secure, alternative implementations. If uniformly applied, these guidelines will eliminate the critical coding errors that lead to buffer overflows, format string vulnerabilities, integer overflow, and other common software vulnerabilities.
"synopsis" may belong to another edition of this title.
About the Author
Robert C. Seacord leads the Secure Coding Initiative at the CERT at the Software Engineering Institute (SEI) in Pittsburgh, Pennsylvania. The CERT, among other security-related activities, regularly analyzes software vulnerability reports and assesses the risk to the Internet and other critical infrastructure. Robert is an adjunct professor in the Carnegie Mellon University School of Computer Science and in the Information Networking Institute and part-time faculty at the University of Pittsburgh. An eclectic technologist, Robert is author of three previous books, Secure Coding in C and C++ (Addison- Wesley, 2005), Building Systems from Commercial Components (Addison-Wesley, 2002), and Modernizing Legacy Systems (Addison-Wesley, 2003), as well as more than 40 papers on software security, componentbased software engineering, Web-based system design, legacy-system modernization, component repositories and search engines, and user interface design and development. Robert started programming professionally for IBM in 1982, working in communications and operating system software, processor development, and software engineering. Robert also has worked at the X Consortium, where he developed and maintained code for the Common Desktop Environment and the X Window System. He represents Carnegie Mellon at PL22. 11 (ANSI “C”) and is a technical expert for the JTC1/SC22/WG14 international standardization working group for the C programming language.
From the Back Cover
“I’m an enthusiastic supporter of the CERT Secure Coding Initiative. Programmers have lots of sources of advice on correctness, clarity, maintainability, performance, and even safety. Advice on how specific language features affect security has been missing. The CERT® C Secure
Coding Standardfills this need.”
―Randy Meyers, Chairman of ANSI C
“For years we have relied upon the CERT/CC to publish advisories documenting an endless stream of security problems. Now CERT has embodied the advice of leading technical experts to give programmers and managers the practical guidance needed to avoid those problems in new applications and to help secure legacy systems. Well done!”
―Dr. Thomas Plum, founder of Plum Hall, Inc.
“Connectivity has sharply increased the need for secure, hacker-safe applications. By combining this CERT standard with other safety guidelines, customers gain all-round protection and approach the goal of zero-defect software.”
―Chris Tapp, Field Applications Engineer, LDRA Ltd.
“I’ve found this standard to be an indispensable collection of expert information on exactly how modern software systems fail in practice. It is the perfect place to start for establishing internal secure coding guidelines. You won’t find this information elsewhere, and, when it comes to software security, what you don’t know is often exactly what hurts you.”
―John McDonald, coauthor of The Art of Software Security Assessment
Software security has major implications for the operations and assets of organizations, as well as for the welfare of individuals. To create secure software, developers must know where the dangers lie. Secure programming in C can be more difficult than even many experienced programmers believe.
This book is an essential desktop reference documenting the first official release of The CERT® C Secure Coding Standard. The standard itemizes those coding errors that are the root causes of software vulnerabilities in C and prioritizes them by severity, likelihood of exploitation, and remediation costs. Each guideline provides examples of insecure code as well as secure, alternative implementations. If uniformly applied, these guidelines will eliminate the critical coding errors that lead to buffer overflows, format string vulnerabilities, integer overflow, and other common software vulnerabilities.
"About this title" may belong to another edition of this title.
- PublisherAddisonWesley Professional
- Publication date2008
- ISBN 10 0321563212
- ISBN 13 9780321563217
- BindingPaperback
- LanguageEnglish
- Edition number1
- Number of pages720
Buy New
View this item
£ 33.01
£ 22.18 shipping from U.S.A. to United Kingdom
Destination, rates & speedsSearch results for The CERT C Secure Coding Standard (SEI Series in Software...
Stock Image
The CERT C Secure Coding Standard (SEI Series in Software Engineering (Paperback))
Published by
AddisonWesley Professional, 2008
ISBN 10: 0321563212
ISBN 13: 9780321563217
Used
paperback
Seller: AwesomeBooks, Wallingford, United Kingdom
Seller rating 5 out of 5 stars
paperback. Condition: Very Good. The CERT C Secure Coding Standard (SEI Series in Software Engineering (Paperback)) This book is in very good condition and will be shipped within 24 hours of ordering. The cover may have some limited signs of wear but the pages are clean, intact and the spine remains undamaged. This book has clearly been well maintained and looked after thus far. Money back guarantee if you are not satisfied. See all our books here, order more than 1 book and get discounted shipping. . Seller Inventory # 7719-9780321563217
Quantity: 1 available
Stock Image
The CERT C Secure Coding Standard
Published by
AddisonWesley Professional, 2008
ISBN 10: 0321563212
ISBN 13: 9780321563217
Used
Softcover
Seller: St Vincent de Paul of Lane County, Eugene, OR, U.S.A.
Seller rating 5 out of 5 stars
Condition: Acceptable. Paperback 100% of proceeds go to charity! Acceptable reading copy with obvious signs of use, wear, and/or cosmetic issues. Item is complete and remains readable despite notable condition issues. Seller Inventory # U-03-4611
Quantity: 1 available
Stock Image
The CERT C Secure Coding Standard
Published by
AddisonWesley Professional, 2008
ISBN 10: 0321563212
ISBN 13: 9780321563217
Used
Softcover
Seller: SecondSale, Montgomery, IL, U.S.A.
Seller rating 4 out of 5 stars
Condition: Very Good. Item in very good condition! Textbooks may not include supplemental items i.e. CDs, access codes etc. Seller Inventory # 00087677603
Quantity: 1 available
Stock Image
The CERT C Secure Coding Standard
Published by
Addison-Wesley Professional, 2008
ISBN 10: 0321563212
ISBN 13: 9780321563217
Used
Soft Cover
Seller: BookOrders, Russell, IA, U.S.A.
Seller rating 4 out of 5 stars
Soft Cover. Condition: Good. Ex-library with the usual features. The interior is clean and tight. Binding and cover are good. Ex-Library. Seller Inventory # 033228so
Quantity: 1 available
Stock Image
The CERT C Secure Coding Standard (Sei Series in Software Engineering)
Published by
AddisonWesley Professional, 2008
ISBN 10: 0321563212
ISBN 13: 9780321563217
Used
paperback
Seller: Studibuch, Stuttgart, Germany
Seller rating 5 out of 5 stars
paperback. Condition: Sehr gut. 720 Seiten; 9780321563217.2 Gewicht in Gramm: 2. Seller Inventory # 871264
Quantity: 1 available
Stock Image
The CERT C Secure Coding Standard
Published by
AddisonWesley Professional, 2008
ISBN 10: 0321563212
ISBN 13: 9780321563217
New
Paperback
Seller: Toscana Books, AUSTIN, TX, U.S.A.
Seller rating 5 out of 5 stars
Paperback. Condition: new. Excellent Condition.Excels in customer satisfaction, prompt replies, and quality checks. Seller Inventory # Scanned0321563212
Quantity: 1 available