[Book-Review] The Myths of Security: What the Computer Security Industry Doesn't Want You to Know

This book, written by John Viega, is meant mainly for non-security IT professionals and technically savvy people. The author shares his thoughts on why AV fails, why we might get 0wned even though we take precautions against threats, why HTTPS fails, why IDS sucks, why CAPTCHA sucks, why responsible disclosure isn't responsible, and why application security hasn't been achieved or won't ever be achieved.

With a used copy priced at about $7.36, it's worth learning from someone who has been in IT security for many years and has written several security books (Building Secure Software, Secure Programming Cookbook, 19 Deadly Sins of Software, etc.).

