Top 10 2007-References

Revision as of 08:18, 23 March 2009 by KirstenS (talk | contribs) (OWASP Projects)

Jump to: navigation, search
«««« Main

OWASP Projects

OWASP is the premier site for web application security. The OWASP site hosts many projects, forums, blogs, [[:Category:OWASP_Presentations|presentations], tools, and papers. OWASP hosts two major web application security conferences per year, and has over 80 local chapters.

The following OWASP projects are most likely to be useful:


By necessity, this is not an exhaustive list. Use these references to find the appropriate area in your local bookstore and pick a few titles (including potentially one or more of the following) that suit your needs:

  • [ALS1] Alshanetsky, I. “php|architect's Guide to PHP Security”, ISBN 0973862106
  • [BAI1] Baier, D., “Developing more secure ASP.NET 2.0 Applications”, ISBN 978-0-7356-2331-6
  • [GAL1] Gallagher T., Landauer L., Jeffries B., "Hunting Security Bugs", Microsoft Press, ISBN 073562187X
  • [GRO1] Fogie, Grossman, Hansen, Rager, “Cross Site Scripting Attacks: XSS Exploits and Defense”, ISBN 1597491543
  • [HOW1] Howard M., Lipner S., "The Security Development Lifecycle", Microsoft Press, ISBN 0735622140
  • [SCH1 Schneier B., “Practical Cryptography”, Wiley, ISBN 047122894X
  • [SHI1] Shiflett, C., “Essential PHP Security”, ISBN 059600656X
  • [WYS1] Wysopal et al, The Art of Software Security Testing: Identifying Software Security Flaws, ISBN 0321304861

Web Sites

«««« Main