Building Secure Software: How to Avoid Security Problems the Right Way

The first 6 chapters can be read and understood by programmers and managment alike. The first 6 chapters should be required reading for any security professional or manager. They discuss software engineering and how vulnerabilities creep into the software. The remainder of the book is geared towards secure coding technques. The techniques discussed can be applied to most languages and many languages are discussed, however, the slant here is towards C.

All of the helpful code samples are available at the book's web site. This 2-year old text will be relevant for years to come. It's easy to read overall, but I found it a bit dry in a couple of spots. This book deserves 5 stars for relevance and author knowledge and 3 for price. I read it cover to cover and enjoyed it. I've found it useful as a reference on occasion after the read.

Rating:
Summary: The definitive book on writing secure code
Review: Twenty years into the client-server revolution and seven years into the Internet revolution, we are just now seeing a book on how to write secure software. That's astounding given the number of computer security books in (and out of) print and the importance of secure software--the foundation of information technology. In fact, poorly written software causes the bulk of computer problems today.

This fine work captures the essence of that problem. The authors emphasize that software written without security in mind will always be insecure. Security is often brought into the development process too late in the game, and systems are becoming increasingly complex and therefore commensurately difficult to secure.

Because this book is filled with practical matters such as choice of technology, open source versus closed source, and client-side security, companies with software developers on their staff will find this seminal work to be indispensable.

Rating:
Summary: It's about time!
Review: Viega and McGraw have finally written the book that the technical
community has been clamoring for. This is a refershing view of how to
build secure systems from two of the world's leading experts. Their risk
management approach to security is a central theme throughout the book.
Whether it's avoiding buffer overflows in your code, or understanding
component integration and interaction, this book offers readers a
comprehensive, hype-free guide. The authors demonstrate that
understanding and managing risks is an important component to any
systems project. This well written book is a must read for anyone
interested in designing, building, or managing systems.

Rating:
Summary: Exposes top problems and gives a framework for closing them
Review: What makes this book so important is that the authors provide an analysis of the major problems with all software, and give a collection of techniques with which to address the recurring problems, such as buffer overflows, access control exposures, randomness flaws and other security-related defects. They do not attempt to provide specific solutions. Instead they raise an awareness of the common problems, discuss the underlying causes, and give a framework with which developers can use as the basis for developing secure software.

Key points of this book that I found especially useful include:
(1) Even treatment of commercial and open source software. I found this refreshing because there are two camps, Microsoft developers and open source advocates, each of which criticize the other. Yes, Microsoft has a bad reputation for security, but the open source faction has its own challenges, and the authors show the strengths and weaknesses of each in an objective manner.
(2)Surprises, such as documented cases of peer reviews that failed. I am an advocate of this technique, yet a case where a flawed, two-line piece of code that was extensively reviewed by literally thousands of reviewers and readers of a technical publication slipped by without notice for a long time.
(3) The ten guiding principles for software security encapsulate the essence of building secure software. This list and the discussion of each principle should be required reading for every architect, developed and QA engineer.Chapter 1 (Introduction to Software Security) and Chapter 6 (Auditing Software) give a framework for security and a methodical approach to quality assurance. These, in my opinion, are the heart of the book.

In addition to software security from a developer's point of view, this book also addresses other areas that need to be closely examined in order to achieve a solid security posture. In particular I liked Chapter 14, which covers database security, especially the treatment of statistical attacks. If you're a DBA this alone will make the book worth buying because despite the most careful design of views and access controls you may still be vulnerable in surprising ways. The chapters on Client-side security and firewall issues are also filled with excellent information, as is Appendix A (Cryptography Basics).

The authors have imparted the sum of their extensive experience in this book. It's up to you to take that experience and apply it. The book's accompanying website adds further value. I also recommend Writing Secure Code by Michael Howard and David Leblanc, which was written after this book, and complements it well. Both books are much-needed additions to the body of knowledge for developing secure software.

Rating:
Summary: Response from an author
Review: While it may not be very cool to review your own book, this isn't really a review, it's a response to a negative criticism that got posted as a review. The main point of the review is that we don't discuss social engineering. That claim leads me to believe that the reviewer did not read the book, as we discuss social engineering to a fair bit of length, as a quick browse of the index would have shown.

A thesis of the book is that security should be about risk management. Social engineering is a risk. It's not the biggest risk; insider attacks usually are (but I'd say it's often second).

I'm sorry, but for the more technical audience we're trying to reach, they're not really interested in hearing endless horror stories about social engineering. The strategies for defending against them are relatively simple, and presented in our book. We don't need to devote an entire tome to it; there is lots of more technical material to discuss.

Most amusingly, you shrug off the book as worthless, then recommend a book by Bruce Schneier. Did you notice that he endorses the content of the book so much that he wrote the Foreword? I doubt you even picked the book off the shelf.

Reviewer, I assert you did not read the book; you simply have a grudge. I would ask you to actually read the book, be even-headed in doing so, and then ammend your review. At that point, I will remove mine.

If you still don't like it, but have honest, fair criticisms, that is okay by me. I'll still remove my review. However, I refuse to be bashed for not covering material that we cover, especially when a 30 second scan of the book would have shown your claims to be meritless.