Features
- Cover Type: Paperback with 426 pages
- Published by: McGraw-Hill/OsborneMedia
- Edition: 1st Edition September 24, 2002
- Written in: English
- ISBN 10 Number: 0072225653
- ISBN 13 Number: 978-0072225655
-
Book Dimensions:
9.2 x 7.9 x 1 inches
- Weighs: 1.6 pounds
Book Description
Written in the same exciting and informative style as the international blockbuster
Hacking Exposed, this book provides comprehensive coverage of the tools and techniques for testing and correcting J2EE and Java security issues. Includes examples of J2EE attacks and countermeasures, risk ratings throughout the chapters and case studies.
Book Info
Provides comprehensive coverage of the tools and techniques for testing and correcting J2EE and Java security issues. Includes examples of J2EE attacks and countermeasures, risk ratings throughout the chapters and case studies. Softcover.
Reader Reviews
If this book had been titled differently, I would have had no reason for complaint: it gives a good introduction to Java Security, and how to deploy it in various forms. But it *is* titled 'Hacking Exposed'. That is now taken to be an indication of a particular approach to security, ... The blurb acknowledges it: 'The proven Hacking Exposed methodology' is the first thing mentioned under 'What You Learn'. And I bought this title without second thought -- I have nothing but praise for the previous books, and expected to find the same approach and the same quality here. In this book you find a lot of information on prevention, but very little on actual vulnerabilities. As a result the message is far less urgent. If I can demonstrate a 'hack' the message gets across very quickly: we have to do something about it now. But if all I can do is point to a text that says 'attackers can potentially attach a debugger to our application and watch the code as it runs', urgency is gone. There's another point there as well: 'our application'. Those words probably sum up the difference from, say, 'Hacking Exposed Web Applications'. This book is not from the point of view of the hacker that the previous books used so well to get their message across. This is 'we', protecting our assets from a considerably more nebulous hacker than has appeared earlier. The difference is the same as between an actual security incident on one hand, and the report of a threat analysis on the other. In short, this is not a Hacking Exposed book. It's a Java Security Exposed book. As such it probably merits four stars. But ... as it is marketed as a Hacking Exposed book, and, in my opinion, doesn't live up to the expectations that goes with that trademark, I'm afraid I can't give any rating at all. (1 star seems to be the lowest possible, so that is what I give it.) I'll be very careful about purchasing the next red book with "Hacking Exposed" all over the front cover. I just might find that I have bought 'Hacking Exposed - ISO 17799'.
Comment | |
(Report this)
Search for books at
