RE: Inspecting Code for Security

From: Aleksander P. Czarnowski (alekc_at_avet.com.pl)
Date: 09/23/04

  • Next message: Richard Rager: ""Selling" a code-audit and politics"
    To: "Yvan Boily" <yboily@seccuris.com>
    Date: Thu, 23 Sep 2004 18:38:48 +0200
    
    

    > -----Original Message-----
    > From: Yvan Boily [mailto:yboily@seccuris.com]
    > Pick up John Viega and Gary Mcgraw's Building Secure Software..
    While this is great book it is very unix-centric which might be an important drawback in case on application based on Microsoft technologies (on the other hand many MS technologies related issues had been addressed in Writing Secure Code). You can see it best in chapters that describe exploitation of buffer overflow. Nevertheless together with Secure Coding this is great book.
    Just my 2 cents,
    Best Regards,
    Aleksander Czarnowski
    AVET INS


  • Next message: Richard Rager: ""Selling" a code-audit and politics"