Web Application Security

Andrew Hoffman works at Salesforce.com as a senior product security engineer, where he is in charge of the security of numerous JavaScript, NodeJS, and OSS teams. His specialization is in deep DOM and JavaScript security flaws.

While there are several resources on network and IT security, specific knowledge of modern web application security has been lacking—until now. Among the best books on cryptography, Web Application Security teaches software engineers both offensive and defensive security techniques that are simple to learn and practice.

Salesforce's Andrew Hoffman, a senior security engineer, outlines three pillars of online application security: recon, offense, and defense. You'll learn how to conduct successful research and analysis on modern web apps, particularly ones to which you don't have direct access. You'll also learn how to use cutting-edge hacking techniques to get access to web apps. Finally, you'll learn how to create mitigations for usage in your own online apps to keep hackers out.

• Investigate the most frequent vulnerabilities affecting today's online apps.
• Learn the main hacking techniques used by attackers to exploit apps.
• Document and map web applications to which you do not have direct access.
• Create and deploy bespoke exploits that can circumvent typical defenses.
• Create and implement mitigations to safeguard your applications from hackers.
• Integrate best practices for secure coding throughout your development lifecycle.
• Learn practical techniques for improving the overall security of your web apps.

Author: Andrew Hoffman

Link to buy: https://www.amazon.com/Web-Application-Security-Exploitation-Countermeasures/dp/1492053112/

Ratings: 4.4 out of 5 stars (from 103 reviews)

Best Sellers Rank: #71,902 in Books

#15 in Mobile App Development & Programming

#21 in Web Services

#31 in Web Encryption