Web Application Security
While many resources for network and IT security are available, detailed knowledge regarding modern web application security has been lacking - until now. This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply. Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You'll learn methods for effectively researching and analyzing modern web applications - including those you don't have direct access to. You'll also learn how to break into web applications using the latest hacking techniques. Finally, you'll learn how to develop mitigations for use in your own web applications to protect against hackers. Explore common vulnerabilities plaguing today's web applications; Learn essential hacking techniques attackers use to exploit applications; Map and document web applications for which you don't have direct access; Develop and d ...
While many resources for network and IT security are available, detailed knowledge regarding modern web application security has been lacking - until now. This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply. Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You'll learn methods for effectively researching and analyzing modern web applications - including those you don't have direct access to. You'll also learn how to break into web applications using the latest hacking techniques. Finally, you'll learn how to develop mitigations for use in your own web applications to protect against hackers. Explore common vulnerabilities plaguing today's web applications; Learn essential hacking techniques attackers use to exploit applications; Map and document web applications for which you don't have direct access; Develop and d ...
Beginning Ballerina Programming
Discover the Ballerina programming language for next-generation microservices and cloud-native application development. This book shows you that Ballerina is a cutting-edge programming language which incorporates many of the latest technological advancements in programming language theory. You'll learn variables and types, modules and functions, flow control, error handling, concurrency, I/O, cloud/network programming, persistence and data access, security and more. Additionally, Beginning Ballerina Programming introduces many foundation computer science topics along the way and doesn't assume much prior knowledge. For example, when introducing transport-level security, you will get a brief introduction to public-key cryptography, how it is different from private-key cryptography, and why it is needed. This provides an added bonus for you to learn something new and general in computer science. After reading and using this book, you'll be proficient with Ballerina and cloud-firs ...
Discover the Ballerina programming language for next-generation microservices and cloud-native application development. This book shows you that Ballerina is a cutting-edge programming language which incorporates many of the latest technological advancements in programming language theory. You'll learn variables and types, modules and functions, flow control, error handling, concurrency, I/O, cloud/network programming, persistence and data access, security and more. Additionally, Beginning Ballerina Programming introduces many foundation computer science topics along the way and doesn't assume much prior knowledge. For example, when introducing transport-level security, you will get a brief introduction to public-key cryptography, how it is different from private-key cryptography, and why it is needed. This provides an added bonus for you to learn something new and general in computer science. After reading and using this book, you'll be proficient with Ballerina and cloud-firs ...
Cloud Native Data Center Networking
If you want to study, build, or simply validate your thinking about modern cloud native data center networks, this is your book. Whether you're pursuing a multitenant private cloud, a network for running machine learning, or an enterprise data center, author Dinesh Dutt takes you through the steps necessary to design a data center that's affordable, high capacity, easy to manage, agile, and reliable. Ideal for network architects, data center operators, and network and containerized application developers, this book mixes theory with practice to guide you through the architecture and protocols you need to create and operate a robust, scalable network infrastructure. The book offers a vendor-neutral way to look at network design. For those interested in open networking, this book is chock-full of examples using open source software, from FRR to Ansible. In the context of a cloud native data center, you'll examine: Clos topology; Network disaggregation; Network operating system choi ...
If you want to study, build, or simply validate your thinking about modern cloud native data center networks, this is your book. Whether you're pursuing a multitenant private cloud, a network for running machine learning, or an enterprise data center, author Dinesh Dutt takes you through the steps necessary to design a data center that's affordable, high capacity, easy to manage, agile, and reliable. Ideal for network architects, data center operators, and network and containerized application developers, this book mixes theory with practice to guide you through the architecture and protocols you need to create and operate a robust, scalable network infrastructure. The book offers a vendor-neutral way to look at network design. For those interested in open networking, this book is chock-full of examples using open source software, from FRR to Ansible. In the context of a cloud native data center, you'll examine: Clos topology; Network disaggregation; Network operating system choi ...
Java Cookbook, 4th Edition
Java continues to grow and evolve, and this cookbook continues to evolve in tandem. With this guide, you'll get up to speed right away with hundreds of hands-on recipes across a broad range of Java topics. You'll learn useful techniques for everything from string handling and functional programming to network communication. Each recipe includes self-contained code solutions that you can freely use, along with a discussion of how and why they work. If you're familiar with Java basics, this cookbook will bolster your knowledge of the language and its many recent changes, including how to apply them in your day-to-day development. This updated edition covers changes through Java 12 and parts of 13 and 14. Recipes include: Blade, Laravel's powerful custom templating tool; Methods for compiling, running, and debugging; Packaging Java classes and building applications; Manipulating, comparing, and rearranging text; Regular expressions for string and pattern matching; Handling numbers, ...
Java continues to grow and evolve, and this cookbook continues to evolve in tandem. With this guide, you'll get up to speed right away with hundreds of hands-on recipes across a broad range of Java topics. You'll learn useful techniques for everything from string handling and functional programming to network communication. Each recipe includes self-contained code solutions that you can freely use, along with a discussion of how and why they work. If you're familiar with Java basics, this cookbook will bolster your knowledge of the language and its many recent changes, including how to apply them in your day-to-day development. This updated edition covers changes through Java 12 and parts of 13 and 14. Recipes include: Blade, Laravel's powerful custom templating tool; Methods for compiling, running, and debugging; Packaging Java classes and building applications; Manipulating, comparing, and rearranging text; Regular expressions for string and pattern matching; Handling numbers, ...
Using and Administering Linux: Volume 1
Become a Linux sysadmin and expert user of Linux, even with no previous Linux experience and learn to manage complex systems with ease. Volume 1 of this three volume training course introduces operating systems in general and Linux in particular. It briefly explores the The Linux Philosophy for SysAdmins in preparation for the rest of the course. This book provides you with the tools necessary for mastering user management; installing, updating, and deleting software; and using command line tools to do performance tuning and basic problem determination. You'll begin by creating a virtual network and installing an instance of Fedora - a popular and powerful Linux distribution - on a VirtualBox VM that can be used for all of the experiments on an existing Windows or Linux computer. You'll then move on to the basics of using the Xfce GUI desktop and the many tools Linux provides for working on the command line including virtual consoles, various terminal emulators, BASH, and other shel ...
Become a Linux sysadmin and expert user of Linux, even with no previous Linux experience and learn to manage complex systems with ease. Volume 1 of this three volume training course introduces operating systems in general and Linux in particular. It briefly explores the The Linux Philosophy for SysAdmins in preparation for the rest of the course. This book provides you with the tools necessary for mastering user management; installing, updating, and deleting software; and using command line tools to do performance tuning and basic problem determination. You'll begin by creating a virtual network and installing an instance of Fedora - a popular and powerful Linux distribution - on a VirtualBox VM that can be used for all of the experiments on an existing Windows or Linux computer. You'll then move on to the basics of using the Xfce GUI desktop and the many tools Linux provides for working on the command line including virtual consoles, various terminal emulators, BASH, and other shel ...
Using and Administering Linux: Volume 2
Experience an in-depth exploration of logical volume management and the use of file managers to manipulate files and directories and the critical concept that, in Linux, everything is a file and some fun and interesting uses of the fact that everything is a file. This book builds upon the skills you learned in Volume 1 of this course and it depends upon the virtual network and virtual machine created there. More experienced Linux users can begin with this volume and download the assigned script that will set up the VM for the start of Volume 2. Instructions with the script will provide specifications for configuration of the virtual network and the virtual machine. Refer to the volume overviews in the book's introduction to select the volume of this course most appropriate for your current skill level. You'll see how to manage and monitor running processes, discover the power of the special filesystems, monitor and tune the kernel while it is running - without a reboot. You'll th ...
Experience an in-depth exploration of logical volume management and the use of file managers to manipulate files and directories and the critical concept that, in Linux, everything is a file and some fun and interesting uses of the fact that everything is a file. This book builds upon the skills you learned in Volume 1 of this course and it depends upon the virtual network and virtual machine created there. More experienced Linux users can begin with this volume and download the assigned script that will set up the VM for the start of Volume 2. Instructions with the script will provide specifications for configuration of the virtual network and the virtual machine. Refer to the volume overviews in the book's introduction to select the volume of this course most appropriate for your current skill level. You'll see how to manage and monitor running processes, discover the power of the special filesystems, monitor and tune the kernel while it is running - without a reboot. You'll th ...
Chaos Engineering
As more companies move toward microservices and other distributed technologies, the complexity of these systems increases. You can't remove the complexity, but through Chaos Engineering you can discover vulnerabilities and prevent outages before they impact your customers. This practical guide shows engineers how to navigate complex systems while optimizing to meet business goals. Two of the field's prominent figures, Casey Rosenthal and Nora Jones, pioneered the discipline while working together at Netflix. In this book, they expound on the what, how, and why of Chaos Engineering while facilitating a conversation from practitioners across industries. Many chapters are written by contributing authors to widen the perspective across verticals within (and beyond) the software industry. Learn how Chaos Engineering enables your organization to navigate complexity; Explore a methodology to avoid failures within your application, network, and infrastructure; Move from theory to practic ...
As more companies move toward microservices and other distributed technologies, the complexity of these systems increases. You can't remove the complexity, but through Chaos Engineering you can discover vulnerabilities and prevent outages before they impact your customers. This practical guide shows engineers how to navigate complex systems while optimizing to meet business goals. Two of the field's prominent figures, Casey Rosenthal and Nora Jones, pioneered the discipline while working together at Netflix. In this book, they expound on the what, how, and why of Chaos Engineering while facilitating a conversation from practitioners across industries. Many chapters are written by contributing authors to widen the perspective across verticals within (and beyond) the software industry. Learn how Chaos Engineering enables your organization to navigate complexity; Explore a methodology to avoid failures within your application, network, and infrastructure; Move from theory to practic ...
Graph Algorithms
Learn how graph algorithms can help you leverage relationships within your data to develop intelligent solutions and enhance your machine learning models. With this practical guide, developers and data scientists will discover how graph analytics deliver value, whether they're used for building dynamic network models or forecasting real-world behavior. Mark Needham and Amy Hodler from Neo4j explain how graph algorithms describe complex structures and reveal difficult-to-find patterns - from finding vulnerabilities and bottlenecks to detecting communities and improving machine learning predictions. You'll walk through hands-on examples that show you how to use graph algorithms in Apache Spark and Neo4j, two of the most common choices for graph analytics. Learn how graph analytics reveal more predictive elements in today's data; Understand how popular graph algorithms work and how they're applied; Use sample code and tips from more than 20 graph algorithm examples; Learn which alg ...
Learn how graph algorithms can help you leverage relationships within your data to develop intelligent solutions and enhance your machine learning models. With this practical guide, developers and data scientists will discover how graph analytics deliver value, whether they're used for building dynamic network models or forecasting real-world behavior. Mark Needham and Amy Hodler from Neo4j explain how graph algorithms describe complex structures and reveal difficult-to-find patterns - from finding vulnerabilities and bottlenecks to detecting communities and improving machine learning predictions. You'll walk through hands-on examples that show you how to use graph algorithms in Apache Spark and Neo4j, two of the most common choices for graph analytics. Learn how graph analytics reveal more predictive elements in today's data; Understand how popular graph algorithms work and how they're applied; Use sample code and tips from more than 20 graph algorithm examples; Learn which alg ...
PCI DSS
Gain a broad understanding of how PCI DSS is structured and obtain a high-level view of the contents and context of each of the 12 top-level requirements. The guidance provided in this book will help you effectively apply PCI DSS in your business environments, enhance your payment card defensive posture, and reduce the opportunities for criminals to compromise your network or steal sensitive data assets. Businesses are seeing an increased volume of data breaches, where an opportunist attacker from outside the business or a disaffected employee successfully exploits poor company practices. Rather than being a regurgitation of the PCI DSS controls, this book aims to help you balance the needs of running your business with the value of implementing PCI DSS for the protection of consumer payment card data. Applying lessons learned from history, military experiences (including multiple deployments into hostile areas), numerous PCI QSA assignments, and corporate cybersecurity and InfoS ...
Gain a broad understanding of how PCI DSS is structured and obtain a high-level view of the contents and context of each of the 12 top-level requirements. The guidance provided in this book will help you effectively apply PCI DSS in your business environments, enhance your payment card defensive posture, and reduce the opportunities for criminals to compromise your network or steal sensitive data assets. Businesses are seeing an increased volume of data breaches, where an opportunist attacker from outside the business or a disaffected employee successfully exploits poor company practices. Rather than being a regurgitation of the PCI DSS controls, this book aims to help you balance the needs of running your business with the value of implementing PCI DSS for the protection of consumer payment card data. Applying lessons learned from history, military experiences (including multiple deployments into hostile areas), numerous PCI QSA assignments, and corporate cybersecurity and InfoS ...
DevSecOps for .NET Core
Automate core security tasks by embedding security controls and processes early in the DevOps workflow through DevSecOps. You will not only learn the various stages in the DevOps pipeline through examples of solutions developed and deployed using .NET Core, but also go through open source SDKs and toolkits that will help you to incorporate automation, security, and compliance. The book starts with an outline of modern software engineering principles and gives you an overview of DevOps in .NET Core. It further explains automation in DevOps for product development along with security principles to improve product quality. Next, you will learn how to improve your product quality and avoid code issues such as SQL injection prevention, cross-site scripting, and many more. Moving forward, you will go through the steps necessary to make security, compliance, audit, and UX automated to increase the efficiency of your organization. You'll see demonstrations of the CI phase of DevOps, on-prem ...
Automate core security tasks by embedding security controls and processes early in the DevOps workflow through DevSecOps. You will not only learn the various stages in the DevOps pipeline through examples of solutions developed and deployed using .NET Core, but also go through open source SDKs and toolkits that will help you to incorporate automation, security, and compliance. The book starts with an outline of modern software engineering principles and gives you an overview of DevOps in .NET Core. It further explains automation in DevOps for product development along with security principles to improve product quality. Next, you will learn how to improve your product quality and avoid code issues such as SQL injection prevention, cross-site scripting, and many more. Moving forward, you will go through the steps necessary to make security, compliance, audit, and UX automated to increase the efficiency of your organization. You'll see demonstrations of the CI phase of DevOps, on-prem ...