Building secure software : how to avoid security problems the right way / John Viega, Gary McGraw ; foreword by Bruce Schneier.

It's All about the Software -- Dealing with Widespread Security Failures -- Bugtraq -- CERT Advisories -- RISKS Digest -- Technical Trends Affecting Software Security -- The 'ilities -- What Is Security? -- Isn't That Just Reliability? -- Penetrate and Patch Is Bad -- On Art and Engineering -- Security Goals -- Prevention -- Traceability and Auditing -- Monitoring -- Privacy and Confidentiality -- Multilevel Security -- Anonymity -- Authentication -- Integrity -- Know Your Enemy: Common Software Security Pitfalls -- Software Project Goals -- Managing Software Security Risk -- An Overview of Software Risk Management for Security -- The Role of Security Personnel -- Software Security Personnel in the Life Cycle -- Deriving Requirements -- Risk Assessment -- Design for Security -- Implementation -- Security Testing -- A Dose of Reality -- Getting People to Think about Security -- Software Risk Management in Practice -- When Development Goes Astray -- When Security Analysis Goes Astray -- The Common Criteria -- Selecting Technologies -- Choosing a Language -- Choosing a Distributed Object Platform -- CORBA -- DCOM -- EJB and RMI -- Choosing an Operating System -- Authentication Technologies -- Host-Based Authentication -- Physical Tokens -- Biometric Authentication -- Cryptographic Authentication -- Defense in Depth and Authentication -- On Open Source and Closed Source -- Security by Obscurity -- Reverse Engineering -- Code Obfuscation -- Security for Shrink-Wrapped Software -- Security by Obscurity Is No Panacea

Donated by Kemal Bıçakcı