The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.01 - January/February (2008 vol.6)
pp: 71-73
Michael Howard , Microsoft
ABSTRACT
The author discusses the basic skills a security expert should learn, including design, development, and tester skills, to thwart attackers.
INDEX TERMS
security, learning about security, Basic Training
CITATION
Michael Howard, "Becoming a Security Expert", IEEE Security & Privacy, vol.6, no. 1, pp. 71-73, January/February 2008, doi:10.1109/MSP.2008.3
REFERENCES
1. M. Howard, "Mitigate Security Risks by Minimizing the Code You Expose to Untrusted Users," MSDN Magazine: The Microsoft Journal for Developers, Nov. 2004; http://msdn.microsoft.com/msdnmag/issues/ 04/11/AttackSurfacedefault.aspx.
2. Microsoft Security Bulletin MS06-034, "Vulnerability in Microsoft Internet Information Services Using Active Server Pages Could Allow Remote Code Execution,"11 July 2006; www.microsoft.com/technet/security/Bulletin MS06-034.mspx.
3. Microsoft Security Bulletin MS04-030, "Vulnerability in WebDAV XML Message Handler Could Lead to a Denial of Service,"12 Oct. 2004; www.microsoft.com/technet/security/Bulletin MS04-030.mspx.
4. M. Howard, "A Security Lesson that Transcends Programming Language and Operating System Religion,"22 June 2007; http://blogs.msdn.com/sdl/archive/2007/06/ 22a-security-lesson-that-transcends-programming-language-and-operating-system-religion.aspx .
5. M. Howard, "A Process for Performing Security Code Reviews," IEEE Security &Privacy, vol. 4, no. 4, 2006, pp. 74–79.
6. S. Lambert, "Fuzz Testing at Microsoft and the Triage Process,"20 Sept. 2007; http://blogs.msdn.com/sdl/archive/2007/09/ 20fuzz-testing-at-microsoft-and-the-triage-process.aspx .
7. J. Whittaker, "Testing in the SDL,"24 May 2007; http://blogs.msdn.com/sdl/archive/2007/05/ 24testing-in-the-sdl.aspx.
8. J. Whittaker, "Reliability vs. Security,"7 Dec. 2007; http://blogs.msdn.com/sdl/archive/2007/12/ 07reliability-vs-security.aspx.
17 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool