Author Spotlight
The OWASP Foundation Book Store
OWASP Testing Guide By OWASP Foundation
Paperback: $14.85
Ships in 3-5 business days
(2 Ratings)
The OWASP Testing Guide (2009 Version 3.0) includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level"... More > penetration testing guide that describes techniques for testing most common web application and web service security issues. OWASP Testing Guide v3 is a 349 page book; we have split the set of active tests in 9 sub-categories for a total of 66 controls to test during the Web Application Testing activity. For more information, please check out the project home page at OWASP Testing Guide V3.0 Project.< Less
OWASP Top 10 2013 By OWASP Foundation
Paperback: $9.70
Ships in 3-5 business days
(1 Ratings)
2013 revision of the OWASP Top 10 book. Please visit our website, www.owasp.org for details on this and other OWASP projects
Securing WebGoat using ModSecurity By OWASP Foundation
Paperback: $8.75
Ships in 3-5 business days
(1 Ratings)
The purpose of this project is to create custom Modsecurity rulesets that, in addition to the Core Set, will protect WebGoat 5.1 from as many of its vulnerabilities as possible (the goal is 90%)... More > without changing one line of source code. To ensure that it will be a complete 'no touch' on WebGoat and its environment, ModSecurity will be configured on Apache server as a remote proxy server. For those vulnerabilities that cannot be prevented (partially or not at all), I will document my efforts in attempting to protect them. Business logic vulnerabilities will be particularly challenging to solve. For more information, please check out the project home page at OWASP Securing WebGoat using ModSecurity Project.< Less
OWASP Backend Security By OWASP Foundation
Paperback: $10.45
Ships in 3-5 business days
(1 Ratings)
This project aims to improve and to collect the existent information about the backend security. The project is composed by three sections (security development, security hardening and security... More > testing). The aim is to define the guidelines for the companies and IT professionals working in the security field into processes development and back-end components management/testing in the enterprise architecture. For more information, please check out the project home page at OWASP Backend Security Project.< Less
AppSensor Guide By OWASP Foundation
Paperback: List Price: $14.16 $8.50 | You Save: 40%
Ships in 3-5 business days
(3 Ratings)
The AppSensor Project defines a conceptual technology-agnostic framework and methodology that offers guidance to implement intrusion detection and automated response into software applications. This... More > OWASP guide describes the concept, how to make it happen, and includes illustrative case studies, demonstration implementations and full reference materials.< Less
OWASP Codes of Conduct By OWASP Foundation
Paperback: $11.22
Ships in 3-5 business days
(1 Ratings)
The OWASP Application Security Codes of Conduct set out to define a set of minimal requirements for other organizations specifying the most effective ways they could support OWASP's mission. There... More > are six codes - for Government Bodies, for Educational Institutions, for Standards Groups, for Trade Organizations, for Certifying Bodies and for Development Organizations.< Less
OWASP Code Review By OWASP Foundation
Paperback: $11.35
Ships in 3-5 business days
(7 Ratings)
The Code Review Guide is currently at release version 1.1 and the second best selling OWASP book in 2008. Many positive comments have been feedback regarding this initial version and believe... More > it’s a key enabler for the OWASP fight against software insecurity. It has even inspired individuals to build tools based on its information. The combination of a book on secure code review and tools to support such an activity is very powerful as it gives the developer community a place to start regarding secure application development. Going forward I hope to further integrate with the ASVS and other guides such as the testing and ASDR guides shall be perfromed for version 2.0. For more information, please check out the project home page at OWASP Code Review Guide V1.1.< Less
OWASP CLASP v1.2 By OWASP
Paperback: $20.61
Ships in 3-5 business days
(1 Ratings)
No description supplied
Software Assurance Maturity Model (SAMM) By OpenSAMM Project
Paperback: $24.70
Ships in 3-5 business days
(2 Ratings)
Full color version. The Software Assurance Maturity Model (SAMM) is an open framework to help organizations formulate and implement a strategy for software security that is tailored to the specific... More > risks facing the organization. The resources provided by SAMM will aid in: (1) Evaluating an organization’s existing software security practices, (2) Building a balanced software security program in well-defined iterations, (3) Demonstrating concrete improvements to a security assurance program, and (4) Defining and measuring security-related activities within an organization. SAMM was defined with flexibility in mind such that it can be utilized by small, medium, and large organizations using any style of development. Additionally, this model can be applied organization-wide, for a single line-of-business, or even for an individual project.< Less
Software Assurance Maturity Model (SAMM) [B&W] By OpenSAMM Project
Paperback: $7.90
Ships in 3-5 business days
(1 Ratings)
Monochrome page content only. The Software Assurance Maturity Model (SAMM) is an open framework to help organizations formulate and implement a strategy for software security that is tailored to the... More > specific risks facing the organization. The resources provided by SAMM will aid in: (1) Evaluating an organization’s existing software security practices, (2) Building a balanced software security program in well-defined iterations, (3) Demonstrating concrete improvements to a security assurance program, and (4) Defining and measuring security-related activities within an organization. SAMM was defined with flexibility in mind such that it can be utilized by small, medium, and large organizations using any style of development. Additionally, this model can be applied organization-wide, for a single line-of-business, or even for an individual project. NB Also available in full color (recommended).< Less