Palisade Magazine

 

Review

Book: Head Rush Ajax

in June 2006

If you have read a Head First book, you will be very comfortable with Head Rush Ajax. Visual metaphors, humor and surprise in these books engage the reader thoroughly. Having heard the buzzword called AJAX, you may be eager to learn it quickly. This unpretentious book is just right for you. … more →

Book: Wireless Hacks, 2nd Edition

in May 2006

This time, we are departing from our tradition of doing software book reviews. ‘Wireless Hacks’ doesn’t focus on security either. But we want you to read some of the most interesting books we have flipped through.… more →

Tool: Source Code Analysis Suite

in April 2006

We are seeing a lot of application attacks recently. Most of the vulnerabilities being exploited are a result of insecure coding. The need of the hour is secure code in applications. For applications still in the design or coding stage, developers can follow secure coding guidelines. But what about applications that are already in use? Time to call in the source code detective.… more →

Book: Software Security: Building Security In

in February 2006

We discuss Gary McGraw’s excellent book on the philosophy of software security and how it is present in all stages of the software development lifecycle. A must read for software managers.… more →

Book: Programming .NET Components, 2nd Edition

in January 2006

Its component-based approach is one reason Microsoft .NET is so widely used - and there are a number of books on this topic. But none explain the concepts in such easy and clear language as Juval Lowy’s Programming .NET Components. Now in its second edition, this book has earned the reputation of a classic.… more →

Book: Essential PHP Security

in December 2005

Due to its simplicity and ease of deployment, the popularity of the PHP programming language in web development has soared in the last few years. But PHP developers have long overlooked security issues when creating PHP web applications. This book by Chris Shiflett explains the essential techniques in coding for a PHP web application.… more →

Book: Inside the Spam Cartel

in September 2005

This is a fascinating book on the workings of the spam industry. Written by an insider, it provides excellent information on how spammers create spam, bypass spam filters and get their spam mails read.… more →

Book: Apache Security

in August 2005

According to Netcraft’s August 2005 Web Server Survey, 70% of the websites use the Apache web server. They will benefit from this book.… more →

in July 2005

Chris Shiflett’s “HTTP Developer’s Handbook” is an excellent place to learn the innards of the HTTP protocol for security testers.… more →

Website: SQLSecurity.com

in June 2005

If you design applications that access MS SQL Server or are responsible for maintaining SQL Server, then SQLSecurity.com is the go-to site for you. Started in 1999 by Chip Andrews (the co-author of “SQL Server Security”), the site has grown in content answering your questions on securing SQL Server databases, and then some more. … more →

Website: Technical Info

in May 2005

One of our favourite websites on application security, Technical Info hosts a large collection of papers by Gunter Ollmann. Here’s an introduction to the website.… more →

Book: Code Complete, 2nd Ed.

in April 2005

We take a look at the “Code Complete” book by Steve McConnell on software construction and guidelines to write good software… more →

Website: Microsoft Security Developer Center

in March 2005

We take a look at a Microsoft website dedicated to Application Security for Windows developers — Microsoft Security Developer Center… more →

in December 2004

We take a look at “The Shellcoder’s Handbook” by Jack Koziol, David Litchfield, et al. on finding and exploiting buffer overflow vulnerabilities… more →

Book: How to Break Software Security

in November 2004

We take a look at the “How to Break Software Security” book by James A. Whittaker & Herbert H. Thompson on software security testing and attack techniques… more →

Book: Know Your Enemy, 2nd Ed.

in October 2004

We take a look at the “Know Your Enemy” book by the HoneyNet project on the motives and techniques of black hats… more →

Book: Writing Secure Code, 2nd Ed.

in September 2004

We take a look at the “Writing Secure Code, 2nd Ed” book by Michael Howard & David LeBlanc on safe programming practices and guidelines, security principles and threat modeling… more →

Book: Threat Modeling

in August 2004

We take a look at “Threat Modeling” by Frank Swiderski and Window Snyder on the structured approach of analysing security threats.… more →

Book: Secure Coding: Principles & Practices

in July 2004

We take a look at “Secure Coding: Principles & Practices” by Mark G. Graff and Kenneth R. van Wyk on essential principles of developing secure software … more →