[Owasp-leaders] Need A Reference: "Must Read" Application Security Book

John Wilander john.wilander at owasp.org
Sat Mar 10 14:33:28 UTC 2012


+1 for the Tangled Web if you mean *web* app sec.

The OWASP books are nice since they're free.

Another way of approaching appsec is to read the OWASP Top 10 document and
follow its links. I don't think all cheat sheets are linked there yet so
you'd want to add those. Not a book, but a good read.

   /John

2012/3/9 Erlend Oftedal <Erlend.Oftedal at bekk.no>

>   The highly recommend Michal Zalewski's "Tangled web". As an intro to
> web app sec I normally recommend "Innocent code" by Sverre Huseby. "Web
> application hacker's handbook" is also a good read.
>
> Erlend
>
> Sent from my phone
>  ------------------------------
> From: Zaki Akhmad
> Sent: 09.03.2012 04:14
> To: owasp-leaders at lists.owasp.org
> Subject: [Owasp-leaders] Need A Reference: "Must Read" Application
> Security Book
>
>  Hi all,
>
> I need a reference on a "must read" application security book. I know
> there are a lot of application security books out there, but I need to
> know, your opinion on the "must read" one and what makes it a must
> read. Thanks a lot!
>
> Regards,
> --
> Zaki Akhmad
> OWASP Indonesia Chapter Leader
> http://www.owasp.org/index.php/Indonesia
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


-- 
John Wilander, https://twitter.com/johnwilander
Chapter co-leader OWASP Sweden, http://owaspsweden.blogspot.com
Conf Comm, http://www.owasp.org/index.php/Global_Conferences_Committee
My music http://www.johnwilander.com & my résumé http://johnwilander.se
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20120310/25aafbd6/attachment.html>


More information about the OWASP-Leaders mailing list