0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Secure Software Development

You're reading from Secure Software Development Learn to analyze and mitigate risks in your software projects

Product type Paperback

Published in Mar 2024

Publisher Packt

ISBN-13 9781835462836

Length 262 pages

Edition 1st Edition

Concepts

Application Development

Author (1):

Aspen Olmsted

View More author details

Table of Contents (20) Chapters

Preface

1. Part 1: Modeling a Secure Application FREE CHAPTER

2. Chapter 1: Security Principles

3. Chapter 2: Designing a Secure Functional Model

4. Chapter 3: Designing a Secure Object Model

5. Chapter 4: Designing a Secure Dynamic Model

6. Chapter 5: Designing a Secure System Model

7. Chapter 6: Threat Modeling

8. Part 2: Mitigating Risks in Implementation

9. Chapter 7: Authentication and Authorization

10. Chapter 8: Input Validation and Sanitization

11. Chapter 9: Standard Web Application Vulnerabilities

12. Chapter 10: Database Security

13. Part 3: Security Validation

14. Chapter 11: Unit Testing

15. Chapter 12: Regression Testing

16. Chapter 13: Integration, System, and Acceptance Testing

17. Chapter 14: Software Penetration Testing

18. Index

Why subscribe?

19. Other Books You May Enjoy

Request forgery

Cross-Site Request Forgery (CSRF), is a web security vulnerability that occurs when an attacker fools the browser into doing an unwanted action on a third-party trusted site. The user is authenticated on the third-party site, and the CSRF attack exploits that authentication. One of the most infamous CSRF attacks occurred in 2008 and targeted the WordPress blogging application. The attack is known as the “Samy Worm” because Samy Kamkar created it.

Here’s an overview of CSRF and preventive measures:

CSRF attack scenario:
- An attacker tricks a user into loading a page that contains a malicious request
- The malicious request is crafted to act on a target site where the user is authenticated (e.g., changing account settings or making a purchase)
- Since the user is authenticated on the target site, the browser includes the user’s session cookie in the request, making it appear legitimate to the target site
- The target site unknowingly processes...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at R$50/month. Cancel anytime

Authors (1)

Aspen Olmsted

Aspen Olmsted

Aspen Olmsted is an associate professor and program director at Wentworth Institute of Technology in the Computer Science department. He obtained a Ph.D. in Computer Science and Engineering from The University of South Carolina. Before his academic career, he was CEO of Alliance Software Corporation. Alliance Software developed N-Tier enterprise applications for the performing arts and humanities market. Dr Olmsted's research focus is on the development of algorithms and architectures for distributed enterprise solutions that can guarantee security and correctness while maintaining high-availability. In his Secure Data Engineering Lab, Aspen mentors over a dozen graduate and undergraduate students each year.

See other products by Aspen Olmsted

Personalised recommendations for you

Based on your interests and search pattern

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Mastering Python Design Patterns

Mastering Python Design Patterns

Unlock the power of design patterns to build maintainable and scalable software and applications using Python. Authored by Python veterans, this book is your guide to mastering design patterns in Python.

May 2024 9h 52m

Mastering Python Design Patterns

Mastering Python Design Patterns

Unlock the power of design patterns to build maintainable and scalable software and applications using Python. Authored by Python veterans, this book is your guide to mastering design patterns in Python.

May 2024 9h 52m