OWASP Testing Guide Appendix B: Suggested Reading

asia company paper pulp australian innovation centre gay asian men videos antivirus+avg clubasian superannuation australian government asian school girl movie 1992 events australia download antivirus for free windows 2000 server antivirus free uninstall norton antivirus corporate auto meter.com dura automotive webmap thermal bath south africa homan auto kaspersky antivirus cracks timber framing code of australia australia tourist visa uk site automated fingerprint identification excerpta medica asia boatbuilders australia african american in black history url auction auto garden state australian plant pond colonial rule of africa automated link program reciprocal relevant links asian ladyboy movie gallery norton antivirus 2003 software eaton vance asian small companies asia carrera pic tgp.glamourmodelsgonebad.com aprenticeships australia http mccaffrey antivirus cyberscrub antivirus review african wildlife fund inpress magazine australia automatic best coffee maker what is hip dysplasia in dogs african hand drumming index poem written by african american auto sales winnies sitemap commonweath bank of australia antivirus scanner free download embajada de australia en colombia

Whitepapers

 * The OWASP Guide to Building Secure Web Applications


 * The Economic Impacts of Inadequate Infrastructure for Software Testing - http://www.nist.gov/director/prog-ofc/report02-3.pdf


 * Threats and Countermeasures: Improving Web Application Security - http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/threatcounter.asp


 * Use Cases: Just the FAQs and Answers - http://www-106.ibm.com/developerworks/rational/library/content/RationalEdge/jan03/UseCaseFAQS_TheRationalEdge_Jan2003.pdf

[[Category:FIXME|broken link


 * Security in the SDLC (NIST) - http://csrc.nist.gov/publications/nistpubs/800-64/NIST-SP800-64.pdf
 * Web Application Security is Not an Oxy-Moron, by Mark Curphey - http://www.sbq.com/sbq/app_security/index.html
 * The Security of Applications: Not All Are Created Equal - http://www.atstake.com/research/reports/acrobat/atstake_app_unequal.pdf
 * The Security of Applications Reloaded - http://www.atstake.com/research/reports/acrobat/atstake_app_reloaded.pdf

]]

Books

 * James S. Tiller: "The Ethical Hack: A Framework for Business Value Penetration Testing", Auerbach, ISBN: 084931609X


 * Susan Young, Dave Aitel: "The Hacker's Handbook: The Strategy behind Breaking into and Defending Networks", Auerbach, ISBN: 0849308887


 * Secure Coding, by Mark Graff and Ken Van Wyk, published by OâReilly, ISBN 0596002424(2003) - http://www.securecoding.org


 * Building Secure Software: How to Avoid Security Problems the Right Way, by Gary McGraw and John Viega, published by Addison-Wesley Pub Co, ISBN 020172152X (2002) - http://www.buildingsecuresoftware.com


 * Writing Secure Code, by Mike Howard and David LeBlanc, published by Microsoft Press, ISBN 0735617228 (2003) http://www.microsoft.com/mspress/books/5957.asp


 * Innocent Code: A Security Wake-Up Call for Web Programmers, by Sverre Huseby, published by John Wiley & Sons, ISBN 0470857447(2004) - http://innocentcode.thathost.com


 * Exploiting Software: How to Break Code, by Gary McGraw and Greg Hoglund, published by Addison-Wesley Pub Co, ISBN 0201786958 (2004) -http://www.exploitingsoftware.com


 * Secure Programming for Linux and Unix HOWTO, David Wheeler (2004) - http://www.dwheeler.com/secure-programs


 * Mastering the Requirements Process, by Suzanne Robertson and James Robertsonn, published by Addison-Wesley Professional, ISBN 0201360462 - http://www.systemsguild.com/GuildSite/Robs/RMPBookPage.html


 * The Unified Modeling Language â A User Guide - http://www.awprofessional.com/catalog/product.asp?product_id=%7B9A2EC551-6B8D-4EBC-A67E-84B883C6119F%7D


 * Web Applications (Hacking Exposed) by Joel Scambray and Mike Shema, published by McGraw-Hill Osborne Media, ISBN 007222438X


 * Software Testing In The Real World (Acm Press Books) by Edward Kit, published by Addison-Wesley Professional, ISBN 0201877562 (1995)


 * Securing Java, by Gary McGraw, Edward W. Felten, published by Wiley, ISBN 047131952X (1999) - http://www.securingjava.com


 * Beizer, Boris, Software Testing Techniques, 2nd Edition, Â© 1990 International Thomson Computer Press, ISBN 0442206720

[[Category:FIXME|broken links, I left them above


 * Building Secure Software: How to Avoid Security Problems the Right Way, by Gary McGraw and John Viega, published by Addison-Wesley Pub Co, ISBN 020172152X (2002) - http://www.buildingsecuresoftware.com


 * Writing Secure Code, by Mike Howard and David LeBlanc, published by Microsoft Press, ISBN 0735617228 (2003) http://www.microsoft.com/mspress/books/5957.asp


 * The Unified Modeling Language â A User Guide - http://www.awprofessional.com/catalog/product.asp?product_id=%7B9A2EC551-6B8D-4EBC-A67E-84B883C6119F%7D

]]

Useful Websites

 * OWASP â http://www.owasp.org


 * SANS - http://www.sans.org


 * Secure Coding â http://www.securecoding.org


 * Secure Coding Guidelines for the .NET Framework  - http://msdn.microsoft.com/security/securecode/bestpractices/default.aspx?pull=/library/en-us/dnnetsec/html/seccodeguide.asp


 * Security in the Java platform â  http://java.sun.com/security


 * OASIS WAS XML â http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=was