Web Application Security: Exploitation and Countermeasures for Modern Web Applications
Description
Web Application Security will present timeless security concepts (from both an offensive and defensive standpoint) in a format that any software engineer can absorb. Readers will be able to write significantly more secure code by the end of this book. Additionally, for those interested in the more offensive elements of web application security, this book will provide a solid foundation from which they can rapidly move toward becoming an expert hacker.
About the Author
Andrew Hoffman is a product security lead at Salesforce.com, where he is responsible for the security of multiple JavaScript, NodeJS, and OSS teams. His expertise is in deep DOM and JavaScript security vulnerabilities. He has worked with every major browser vendor, as well as with TC39 and WHATWG, the organizations responsible for the upcoming version of JavaScript and the browser DOM spec.
Prior to this role, Andrew was a software security engineer working on Locker Service, the world's first JavaScript namespace isolation library that operates from the interpreter level up. In parallel, Andrew also contributed to the upcoming JavaScript language security feature "Realms," which provides language-level namespace isolation to JavaScript.