EUR 54,68
  • Tous les prix incluent la TVA.
Il ne reste plus que 9 exemplaire(s) en stock (d'autres exemplaires sont en cours d'acheminement).
Expédié et vendu par Amazon. Emballage cadeau disponible.
Quantité :1
Bulletproof SSL and TLS a été ajouté à votre Panier
Vous l'avez déjà ?
Repliez vers l'arrière Repliez vers l'avant
Ecoutez Lecture en cours... Interrompu   Vous écoutez un extrait de l'édition audio Audible
En savoir plus
Voir les 2 images

Bulletproof SSL and TLS (Anglais) Broché – 31 juillet 2014


Voir les formats et éditions Masquer les autres formats et éditions
Prix Amazon
Neuf à partir de Occasion à partir de
Broché
"Veuillez réessayer"
EUR 54,68
EUR 51,68 EUR 72,12

Offres spéciales et liens associés


Descriptions du produit

Extrait

Ivan Ristic is a security researcher, engineer, and author, known especially for his contributions to the web application firewall field and development of ModSecurity, an open source web application firewall, and for his SSL/TLS and PKI research, tools and guides published on the SSL Labs web site. He is the author of two books, Apache Security and ModSecurity Handbook, which he publishes via Feisty Duck, his own platform for continuous writing and publishing. Ivan is an active participant in the security community and you'll often find him speaking at security conferences such as Black Hat, RSA, OWASP AppSec, and others. He's currently Director of Application Security Research at Qualys. Revue de presse (commentaires, reviews) : "The most comprehensive book about deploying TLS in the real world!" Nasko Oskov, Chrome Security developer and former SChannel developer "Meticulously researched." Eric Lawrence, Fiddler author and former Internet Explorer Program Manager "The most to the point and up to date book about SSL/TLS I've read." Jakob Schlyter, IT security advisor and DANE co-author

Aucun appareil Kindle n'est requis. Téléchargez l'une des applis Kindle gratuites et commencez à lire les livres Kindle sur votre smartphone, tablette ou ordinateur.

  • Apple
  • Android
  • Windows Phone
  • Android

Pour obtenir l'appli gratuite, saisissez votre adresse e-mail ou numéro de téléphone mobile.




Détails sur le produit


En savoir plus sur l'auteur

Ivan Ristic is a security researcher, engineer, and author, known especially for his contributions to the web application firewall field and development of ModSecurity, an open source web application firewall, and for his SSL/TLS and PKI research, tools and guides published on the SSL Labs web site. He is the author of two books, Apache Security and ModSecurity Handbook, which he publishes via Feisty Duck, his own platform for continuous writing and publishing.

Ivan is an active participant in the security community and you'll often find him speaking at security conferences such as Black Hat, RSA, OWASP AppSec, and others. He's currently Director of Application Security Research at Qualys.

Dans ce livre

(En savoir plus)
Parcourir les pages échantillon
Couverture | Copyright | Table des matières | Extrait | Index | Quatrième de couverture
Rechercher dans ce livre:

Commentaires en ligne

Il n'y a pas encore de commentaires clients sur Amazon.fr
5 étoiles
4 étoiles
3 étoiles
2 étoiles
1 étoiles

Commentaires client les plus utiles sur Amazon.com (beta)

Amazon.com: HASH(0x94843204) étoiles sur 5 27 commentaires
6 internautes sur 6 ont trouvé ce commentaire utile 
HASH(0x944efcb4) étoiles sur 5 Must read book for developers, administrators, and security folks. 29 novembre 2014
Par Ilya Grigorik - Publié sur Amazon.com
Format: Broché
Comprehensive, thorough, and an engaging book -- a rare combination, especially for a field that is mired in jargon and subtle but critical technical insights. Imagine sitting down with an expert for a (long) cup of coffee, and getting and end-to-end story on SSL/TLS: the history of the protocol, how it works, what all the options mean, attacks and mitigations, performance and security best practices, and more. Best of all, everything is explained in approachable english, with lots of examples, citations, and tips.

If you've ever ran the Qualys SSL Test on your site (if you haven't, definitely give it a try), and felt overwhelmed by all the output, then this book is the explainer you've been looking for. By the time you're done, you'll know what all the checks are, why the tool is recommending particular configurations, and how you can go about addressing them on your servers.

The future of the internet is TLS everywhere, and this is a must read guide for developers, administrators, and security folks alike.
6 internautes sur 7 ont trouvé ce commentaire utile 
HASH(0x969710d8) étoiles sur 5 Comprehensive, Practical, and Accurate 15 septembre 2014
Par Eric Lawrence - Publié sur Amazon.com
Format: Broché
This is *the* HTTPS book to buy, whether you're a web developer, IT administrator, security researcher, or computer science student.

Author Ivan Ristic's meticulously-researched book covers every important aspect of HTTPS, from cryptography, to public key infrastructure, to deployment and operations. Weighing in at a hefty 506 pages, it's unlikely that you'll read this book as I did, from cover-to-cover, so the author thoughtfully crafted the book with distinct sections so you can easily start with the content most important to your needs before (or instead of) reading anything else.

For security enthusiasts, there's excellent coverage of all of the major attacks against TLS and PKI over the last decade or so, from CA compromise to TLS protocol attacks like BEAST, CRIME, Lucky 13, and more. This book serves as an excellent resource on each of these attacks-- how they operate, and how to mitigate against them.

Web developers charged with keeping their sites fast as they move to HTTPS will appreciate nearly 30 pages of content on optimizing HTTPS for both the network and CPU, and fantastic coverage of OpenSSL will help you navigate the many functions of that powerful toolchain, even if your servers are running on other technologies. Thoughtful coverage on the tradeoffs between high security and interoperability problems is found in every chapter, to help you make the right decisions for your site's needs.

One of the best features about this book is its breadth of platform coverage; unlike many guides that cover only one particular implementation, Bulletproof SSL and TLS covers all of the major platforms including thorough sections on OpenSSL, Apache, Java/Tomcat, IIS, and Nginx, with comments and footnotes about more obscure platforms as appropriate.

The web is full of outdated, inaccurate, and conflicting information about how to configure and deploy HTTPS properly, which makes this book an invaluable reference which will remain on my desk for years to come.
3 internautes sur 3 ont trouvé ce commentaire utile 
HASH(0x96971150) étoiles sur 5 Excellent book which needs a new title! 5 avril 2015
Par ViolentMetaphor - Publié sur Amazon.com
Format: Broché Achat vérifié
The title makes it sound like a boring sysadmin book on setting up HTTPS sites. I think it is better described as a book which gives you the context and history of PKI and SSL/TLS in terms of implementation, attacks and mitigations. Oh and it also has a section on sysadmin and some programming in the latter half of the book. For me, the first 200 pages is worth the price of admission. That's the kind of information that people get by doing hands on investigation, research and staying current in the field.

As a software engineer, I read a lot of technical books. It's rare to see a book like this which combines so many different elements into a cohesive book. It could be split up into 2 books: one on the history/context of the development and vulnerabilities of SSL/TLS and another on using OpenSSL, configuring certs and servers. I'm glad it's all one book so I only need to recommend one! There aren't many books like this on the market on any topic. It's rare to see someone cover the basics of the theory, summary of attacks and mitigations, and trade-offs with deploying in the real world.

The book's binding and paper is great as well. If you properly break in the book, it will lie flat all the way from page 30 onward. I didn't have any problems reading it on a bed. I read this cover to cover in part of a weekend. It was a quick, fun and informative read. After reading this, you should be ready to dive into the RFCs.

My criticism is light. I don't think the wikipedia references have much value. Everyone knows you can search for things. I think using the URL shortener links are annoying. What happens when your server goes down? And I wish there was a quick reference appendix at the end which summarizes recommended future reading. There were some book recommendations throughout the book and a summary of important RFCs. It would be nice to have that all in one place.
3 internautes sur 4 ont trouvé ce commentaire utile 
HASH(0x944efedc) étoiles sur 5 Correct details in one place 26 septembre 2014
Par Wolt - Publié sur Amazon.com
Format: Broché
This book is outstanding. Without it, one would have to navigate through a large quantity of unrelated documentation from different companies and spend significant effort in piecing it together.
This covers the role of SSL and TLS in every system and how they connect to each-other through algorithms and certificates, what different changes do, and when/why you should make them.
After reading, systems run smoother and in a more controlled manner because I am able to make specific adjustments that I otherwise would not have known.
1 internautes sur 1 ont trouvé ce commentaire utile 
HASH(0x96971618) étoiles sur 5 The Game of Thrones for technical readers 25 juin 2015
Par Anonymous - Publié sur Amazon.com
Format: Broché Achat vérifié
If you're involved with technology on any level, encryption is here to stay and it's only going to get more complicated. Somehow Ivan wrote a real page turner that can be used as both a point of reference and read from cover to cover with ease. Every page reveals more about what I don't know and anyone experienced in the industry will appreciate the feeling as you can't fix what you don't know is broke (yourself - before reading this book).
Ces commentaires ont-ils été utiles ? Dites-le-nous


Commentaires

Souhaitez-vous compléter ou améliorer les informations sur ce produit ? Ou faire modifier les images?