July 2004: Book Review
Secure Coding: Principles & Practices
Author(s): Mark G. Graff, Kenneth R. van Wyk
Publisher: O'Reilly
ISBN: 0-596-00242-4
In this slim volume, Mark G. Graff and Kenneth R. van Wyk present the essential principles for developing secure software. Without getting into the nitty-gritty of code (the book has fewer than 7 pages of code), the book lays out the broad issues software developers need to understand. Using the Software Development Life Cycle as a frame of reference, the authors show how risks can be mitigated at each stage of a software product’s life cycle. The section on constructing a mental model and a security metaphor for the product during the Design stage is one of my favourites. The advice is practical, and the prose lucid. If you’re in a hurry to understand the important issues in software security, then this book is worth the read.