This book is intended for application developers, system administrators and operators, as well as networking professionals who need a comprehensive top-level view of web application security in order to better defend and protect both the ‘web’ and the ‘application’ against potential attacks. This book examines the most common, fundamental attack vectors and shows readers the defence techniques used to combat them.

• Cover
• Web Application Security is a Stack
• Title Page
• Copy Page
• ABOUT THE AUTHOR
• ACKNOWLEDGEMENTS
• Contents
• Chapter 1: Introduction
• The modern threat
• CYA: Cover Your Apps
• Chapter 2: Attack Surface
• The web application security stack
• Application: Platform
• Application: Logic
• Application: Data
• Chapter 3: Threat Vectors
• Threat vector: Data
• Threat vector: Protocols
• Threat vector: Availability
• Chapter 4: Threat Mitigation
• The three Cs of application security
• Inbound threat mitigation
• Outbound threat mitigation
• Chapter 5: Conclusion
• ITG Resources