OWASP Testing Guide Appendix B: Suggested Reading

african american marriage counselor in new jersey lexis nexis butterworths south africa asian white love kit garages australia asian longhorned beatle antivirus software downloadable australian girls names links links poverty in african american communities norton antivirus and internet security and spyware top african gallery hair style african male lions south africa apartments for sale pygmy africa australian shepherd calendar pc cillin antivirus 11 webmap australian superannuation rules symantec antivirus download little asian boy endangered wildlife in africa crack for panda titanium antivirus 2005 history on africa vet+antivirus url asian food grocer electrol rolls australia autograph pittsburgh session steelers url chews asianbeaver arg antivirus software australian table tennis african ceramics and history african american chemist john r. cooper mcafee antivirus 2005 download karpasky antivirus asian bukkake facial kogal african american green movie pasture autographed pic australian currency climate maps of australia where is sydney located in australia nortan antivirus 2004 serial asian ts preview african orthodox church ifny africa

Whitepapers

 * The OWASP Guide to Building Secure Web Applications


 * The Economic Impacts of Inadequate Infrastructure for Software Testing - http://www.nist.gov/director/prog-ofc/report02-3.pdf


 * Threats and Countermeasures: Improving Web Application Security - http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/threatcounter.asp


 * Use Cases: Just the FAQs and Answers - http://www-106.ibm.com/developerworks/rational/library/content/RationalEdge/jan03/UseCaseFAQS_TheRationalEdge_Jan2003.pdf

[[Category:FIXME|broken link


 * Security in the SDLC (NIST) - http://csrc.nist.gov/publications/nistpubs/800-64/NIST-SP800-64.pdf
 * Web Application Security is Not an Oxy-Moron, by Mark Curphey - http://www.sbq.com/sbq/app_security/index.html
 * The Security of Applications: Not All Are Created Equal - http://www.atstake.com/research/reports/acrobat/atstake_app_unequal.pdf
 * The Security of Applications Reloaded - http://www.atstake.com/research/reports/acrobat/atstake_app_reloaded.pdf

]]

Books

 * James S. Tiller: "The Ethical Hack: A Framework for Business Value Penetration Testing", Auerbach, ISBN: 084931609X


 * Susan Young, Dave Aitel: "The Hacker's Handbook: The Strategy behind Breaking into and Defending Networks", Auerbach, ISBN: 0849308887


 * Secure Coding, by Mark Graff and Ken Van Wyk, published by OâReilly, ISBN 0596002424(2003) - http://www.securecoding.org


 * Building Secure Software: How to Avoid Security Problems the Right Way, by Gary McGraw and John Viega, published by Addison-Wesley Pub Co, ISBN 020172152X (2002) - http://www.buildingsecuresoftware.com


 * Writing Secure Code, by Mike Howard and David LeBlanc, published by Microsoft Press, ISBN 0735617228 (2003) http://www.microsoft.com/mspress/books/5957.asp


 * Innocent Code: A Security Wake-Up Call for Web Programmers, by Sverre Huseby, published by John Wiley & Sons, ISBN 0470857447(2004) - http://innocentcode.thathost.com


 * Exploiting Software: How to Break Code, by Gary McGraw and Greg Hoglund, published by Addison-Wesley Pub Co, ISBN 0201786958 (2004) -http://www.exploitingsoftware.com


 * Secure Programming for Linux and Unix HOWTO, David Wheeler (2004) - http://www.dwheeler.com/secure-programs


 * Mastering the Requirements Process, by Suzanne Robertson and James Robertsonn, published by Addison-Wesley Professional, ISBN 0201360462 - http://www.systemsguild.com/GuildSite/Robs/RMPBookPage.html


 * The Unified Modeling Language â A User Guide - http://www.awprofessional.com/catalog/product.asp?product_id=%7B9A2EC551-6B8D-4EBC-A67E-84B883C6119F%7D


 * Web Applications (Hacking Exposed) by Joel Scambray and Mike Shema, published by McGraw-Hill Osborne Media, ISBN 007222438X


 * Software Testing In The Real World (Acm Press Books) by Edward Kit, published by Addison-Wesley Professional, ISBN 0201877562 (1995)


 * Securing Java, by Gary McGraw, Edward W. Felten, published by Wiley, ISBN 047131952X (1999) - http://www.securingjava.com


 * Beizer, Boris, Software Testing Techniques, 2nd Edition, Â© 1990 International Thomson Computer Press, ISBN 0442206720

[[Category:FIXME|broken links, I left them above


 * Building Secure Software: How to Avoid Security Problems the Right Way, by Gary McGraw and John Viega, published by Addison-Wesley Pub Co, ISBN 020172152X (2002) - http://www.buildingsecuresoftware.com


 * Writing Secure Code, by Mike Howard and David LeBlanc, published by Microsoft Press, ISBN 0735617228 (2003) http://www.microsoft.com/mspress/books/5957.asp


 * The Unified Modeling Language â A User Guide - http://www.awprofessional.com/catalog/product.asp?product_id=%7B9A2EC551-6B8D-4EBC-A67E-84B883C6119F%7D

]]

Useful Websites

 * OWASP â http://www.owasp.org


 * SANS - http://www.sans.org


 * Secure Coding â http://www.securecoding.org


 * Secure Coding Guidelines for the .NET Framework  - http://msdn.microsoft.com/security/securecode/bestpractices/default.aspx?pull=/library/en-us/dnnetsec/html/seccodeguide.asp


 * Security in the Java platform â  http://java.sun.com/security


 * OASIS WAS XML â http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=was