Posts Tagged ‘Mindset’

Developer’s Guide to Web Application Security

75% of attacks targeted against specific systems are aimed against the web application itself, not the operating system or network. While current security technologies and practices are aimed at the operating system and network, the custom-developed software that runs the web application is the most exposed portion of any website, and often the most vulnerable. This book defines Web application security, why it should be addressed earlier in the lifecycle in development and quality assurance, and how it differs from other types of Internet security. Additionally, the book examines the procedures and technologies that are essential to developing, penetration testing and releasing a secure Web application. Through a review of recent Web application breaches, the book will expose the prolific methods hackers use to execute Web attacks using common vulnerabilities such as SQL Injection, Cross-Site Scripting and Buffer Overflows in the application layer. By taking an in-depth look at the techniques hackers use to exploit Web applications, readers will be better equipped to protect confidential.
Customer Review: Just not quite the book it promises to be
More recent books on web application security are welcomed. The publication date of 2006 suggests it might fall into that category.

Programming Data-Driven Web Applications with ASP.NET (Sams White Book)

A revolution in developing software is coming and it’s called the .NET Framework. This broad Microsoft strategy opens doors to exciting new concepts such as Web services, which deliver the software you create as services that dish out data via XML over the Net. ASP.NET and ADO.NET are key elements to this new approach, improving the efficiency of Web page coding and database access respectively. Programming Data-Driven Web Applications with ASP.NET provides an excellent introduction to this brave new world of database-driven Web development for seasoned and novice programmers alike.

The book dives into ASP.NET with a breakdown of its new features such as server-side controls and event handling, Web services and session state management. It then clearly points out the advantages of ADO.NET: interoperability, a strong-typed programming model, higher disconnected performance, and better scalability. Readers will learn about managed providers and get a tutorial on ANSI SQL and the nitty-gritty of database access. Plenty of example code is presented in both Visual Basic.NET and C#.

The book explains how XML and SOAP (the protocol for exchanging XML data) work together as the transmission mechanism behind the scenes of .NET applications. The centerpiece of this new architecture is the Web services feature, and this text covers this powerful Web-callable interface well. ASP.NET and ADO.NET require somewhat of a new programming mindset from previous coding platforms, but this easy-to-read tutorial provides an easy entry point. –Stephen W. Plain

Topics covered: .NET overview, ADO.NET managed providers, data binding, DataGrid control, templates, Web form server controls, validation controls, editing and filtering data, XML and SOAP, BLOB uploading and displaying, Web services, authentication, data caching, ASP.NET reference, and ADO.NET reference.
Customer Review: Great ASP.net book
It's a great book. I was able to use this book right away for my work. Covers ADO.net, a must-have in your library.