<< 1 >>
Rating: 
Summary: neat little book
Review: Just as the network security Hacknote (the first in the series), this one delivers what is promises. The book provides a nice well-written, fairly comprehensive review of web application security. It also manages to balance attacks and defenses, technology and methodology, tools and concepts, breadth and depth (as appropriate for the 180 page book). The book is very useful as a refresher or to move one step further in web security for a busy security professional who already knows the basics. The book obviously won't make you an expert (as likely no book will) and likely won't reveal any novel attacks to "hardened" web security types. I liked the book, since it came handy when I needed to look up some web security items. The information is available elsewhere, but it was present in this book in a well-packaged form. Hacknotes also contains a nice "reference center" with the summary of web hacking methodology as well as some tricks to try while doing the testing/attacking. Anton Chuvakin, Ph.D., GCIA, GCIH is a Senior Security Analyst with a major information security company. His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal info-secure.org
<< 1 >>
| 
