Web Application Defender's Cookbook

Купить бумажную книгу и читать

Название: Web Application Defender's Cookbook

Издательство:Wiley;

Автор: Ryan C. Barnett

Год: (December 10, 2012

Количество страниц:552

Язык:English

Формат: pdf

Размер:14,6 Mb

Web Application Defender’s Cookbook: Battling Hackers and Protecting Users

Provides practical tactics for detecting web attacks and malicious behavior and defending against them

Written by a preeminent authority on web application firewall technology and web application defense tactics

Offers a series of “recipes” that include working code examples for the open-source ModSecurity web application firewall module

Defending your web applications against hackers and attackers

The top-selling book Web Application Hacker’s Handbook showed how attackers and hackers identify and attack vulnerable live web applications. This new Web Application Defender’s Cookbook: Battling Hackers and Protecting Users is the perfect counterpoint to that book: it shows you how to defend. Authored by a highly credentialed defensive security expert, this new book details defensive security methods and can be used as courseware for training network security personnel, web server administrators, and security consultants.

Find the tools, techniques, and expert information you need to detect and respond to web application attacks with Web Application Defender’s Cookbook: Battling Hackers and Protecting Users.

Each “recipe” shows you a way to detect and defend against malicious behavior and provides working code examples for the ModSecurity web application firewall module. Topics include identifying vulnerabilities, setting hacker traps, defending different access points, enforcing application flows, and much more.

Provides practical tactics for detecting web attacks and malicious behavior and defending against them

Written by a preeminent authority on web application firewall technology and web application defense tactics

Offers a series of “recipes” that include working code examples for the open-source ModSecurity web application firewall module

Find the tools, techniques, and expert information you need to detect and respond to web application attacks with Web Application Defender’s Cookbook: Battling Hackers and Protecting Users.

From the Back Cover

100+ recipes to improve your defenses

Are your web applications secure? Do you know how to lock down new web applications when they are placed into production? Do you know if attackers are trying to break into your site and steal data or cause other harm? The solutions in this book provide answers to these critical questions and increase your ability to thwart malicious activity within your web applications.

Each recipe includes background data explaining how the attack works, an ingredients list, and step-by-step directions. You’ll learn how to prepare for attacks, analyze web transactions for malicious activity, and respond with the best solutions. ModSecurity, a versatile, open source web application firewall module for Apache, Microsoft IIS, and Nginx web server platforms, is used to demonstrate each defensive technique.

Learn to:

Implement full HTTP auditing for incident response

Utilize virtual patching processes to remediate identified vulnerabilities

Deploy web tripwires (honeytraps) to identify malicious users

Detect when users are acting abnormally

Analyze uploaded files and web content for malware

Recognize when web applications leak sensitive user or technical data

Respond to attacks with varying levels of force

Defending your web applications against hackers and attackers

The top-selling book Web Application Hacker’s Handbook showed how attackers and hackers identify and attack vulnerable live web applications. This new Web Application Defender’s Cookbook: Battling Hackers and Protecting Users is the perfect counterpoint to that book: it shows you how to defend. Authored by a highly credentialed defensive security expert, this new book details defensive security methods and can be used as courseware for training network security personnel, web server administrators, and security consultants.