Logo - springer
Slogan - springer

Computer Science - Security and Cryptology | The Manager's Guide to Web Application Security - A Concise Guide to the Weaker Side of the Web

The Manager's Guide to Web Application Security

A Concise Guide to the Weaker Side of the Web

Lepofsky, Ron

2014, XX, 232 p. 11 illus.

A product of Apress
Available Formats:

Springer eBooks may be purchased by end-customers only and are sold without copy protection (DRM free). Instead, all eBooks include personalized watermarks. This means you can read the Springer eBooks across numerous devices such as Laptops, eReaders, and tablets.

You can pay for Springer eBooks with Visa, Mastercard, American Express or Paypal.

After the purchase you can directly download the eBook file or read it online in our Springer eBook Reader. Furthermore your eBook will be stored in your MySpringer account. So you can always re-download your eBooks.


ISBN 978-1-4842-0148-0

digitally watermarked, no DRM

The eBook version of this title will be available soon

learn more about Springer eBooks

add to marked items


Softcover (also known as softback) version.

You can pay for Springer Books with Visa, Mastercard, American Express or Paypal.

Standard shipping is free of charge for individual customers.


(net) price for USA

ISBN 978-1-4842-0149-7

free shipping for individuals worldwide

usually dispatched within 3 to 5 business days

add to marked items

    • offers concise format to get reader into decision mode sooner
    • brief format offers ready advice and mitigating tactics for many security vulnerabilities
    • cuts through the hype and offers real world guidance on what is and isn't truly a security problem

The Manager's Guide to Web Application Security is a concise, information-packed guide to application security risks every organization faces, written in plain language, with guidance on how to deal with those issues quickly and effectively. Often, security vulnerabilities are difficult to understand and quantify because they are the result of intricate programming deficiencies and highly technical issues. Author and noted industry expert Ron Lepofsky breaks down the technical barrier and identifies many real-world examples of security vulnerabilities commonly found by IT security auditors, translates them into business risks with identifiable consequences, and provides practical guidance about mitigating them.

The Manager's Guide to Web Application Security describes how to fix and prevent these vulnerabilities in easy-to-understand discussions of vulnerability classes and their remediation. For easy reference, the information is also presented schematically in Excel spreadsheets available to readers for free download from the publisher’s digital annex. The book is current, concise, and to the point—which is to help managers cut through the technical jargon and make the business decisions required to find, fix, and prevent serious vulnerabilities.

Content Level » Popular/general

Related subjects » Security and Cryptology

Table of contents 

1. Understanding IT Security Risks

2. Types of Web Application Security Testing

3. Web Application Vulnerabilities and the Damage They Can Cause

4. Web Application Vulnerabilities and Countermeasures

5. How to Build Preventative Countermeasures for Web Application Vulnerabilities

6. How to Manage Security on Applications Written by Third Parties

7. Integrating Compliance with Web Application Security

8. How to Create a Business Case Cost for Web Application Security

9. Parting Thoughts

A. COBIT 5 for Information Security

B. Experian EI3PA Security Audit

C. ISO/IEC 17799:2005 and the ISO/IEC 27000:2014 Series

D. North American Energy Council Security Standard for Critical Infrastructure Protection (NERC CIP)

E. NIST 800 Guidelines

F. Payment Card Industry (PCI) Data Security Standard

G. Sarbanes-Oxley Security Compliance Requirements

H. Sources of Information

Popular Content within this publication 



Read this Book on Springerlink

Services for this book

New Book Alert

Get alerted on new Springer publications in the subject area of Data Encryption.