You think your data is safe, your website secured, your code foolproof.... think again. If you haven't read this book, probably none of the above are true. This book is written with a hacker's mind. It reveals and elaborates on the most common and not so common volnurabilities of computer and web applications. I am glad I read this book and used the information to plug the holes at a client's web application, so when one of their laptops was later compromised, no harm was done to their data or IT infrastructure.

I am happy with this book, it helped me quickly with all possible security options with Microsoft C++ and little bit of .NET framework. The book drills well enough on the Microsoft specific implementation guidelines for authentication, authorization, cryptographic options, database connectivity etc. It helps most part, but the book is weak on security options related to XML Web services particularly technologies related to WS-Security and Passport (Identity federation options). I am not a Microsoft developer so I do understand the security holes with every Microsoft application..(never heard of a Java virus), so I always wondered why the authors did'nt suggest to secure their own applications from redmond. If you are a C# developer, I am sure you will like it...and it certainly worth a buy.

Every professional developer should read this book, period!

This book provides a great overview of what techniques are important when writing secure applications, and what pitfalls to avoid. The book does a good job at making a point through examples and by explaining possible exploits.

This book tries to cover a lot of ground. Most of the things discussed are for C++ developers. However, most of the things discussed are of general interest no matter what language one develops with.

I found myself wishing that the book covered a bit more about my development environment of choice: Visual Studio .NET. As mentioned above, I found all the content very interesting and applicable, but I think it would be good to have more than one chapter covering .NET specifically. I do realize however, that this book was first written before .NET. Perhaps someone will dedicate a book completely to .NET ("Writing Secure .NET Code" anyone?).

This book provides a solid foundation and teaches developers what to look for. However, the book is written for developers and managers alike and does not cover tons of implementation details. I would recommend this book to everyone as a first book to read about secure application development. It is not the last book people should read however. There are a number of good books available for a variety of environments (including .NET) that discuss specific implementations of various security and privacy techniques. Get several of those books as well!

Bottom line: This is a great book. Developers must read it. No "ifs" and "buts". Once you are done with this one though, get other security books and keep on reading...

The title of the book is misleading to begin with. The book is not about writing secure code. It's about (1) not writing non-secure code and (2) using Windows specific security APIs.

(1) Not writing non-secure code. Covers several issues, some more obvious, like buffer overruns and validating user input, some more complex, like escaping URLs and socket security. I thought the book would teach me best practices about organizing code, as in "do like I do". Instead it goes like "don't do like I'm telling you".

(2) Using Windows security APIs. This is THE BEST part of the book. Gives you a very good overview about several different APIs, including ACLs, protecting sensitive data, securing DCOM and .NET code, excellent tips on installing programs etc. etc.

Keep in mind that this book is said to be used internally within Microsoft with "security pushes", with the audience of 8000 people, including not only developers of all levels, but managers as well, therefore the book is by definition a high level overview.

Sometimes the book feels like MS educational course. Ex. (tip on p.77) "I created the ... diagrams ... using ... Microsoft Visio Professional 2002". That's cool, but what does it have to do with security ?

Some topics should never be there. How about 3 pages of tips for a kernel driver writer ? It's a huge topic in itself and how many readers outside MS do this anyway ? Privacy issues are covered idealistically. Yeah, sure, if you put a specially crafted XML to the special place on your site, the users magically start trusting you... I'd better read about real situation with privacy, not how the government rules it to be. Oh, and how about 40 pages about cryptography ? Please...

The book tries to show you the security process with development and testing. I can easily see they use this process in Microsoft, with 8000 people. For a small team it's completely useless. How about using 4 (!) people for a code review ? Sure, upon reading this book you will know that security code review is a must (if you have enough resources). Didn't you know that before ?

The code samples are ugly. How about this: "... X is cool ... several pages of Perl (!) ... see what I mean ?". Ok, one of the authors admits to be a Perl fan, but how am I supposed to read through all this gibberish ? C(++) samples are not much better. May be they are fully functional and compilable and all, but please, they are huge and inconsistent in themselves.

All in all, 5 stars for Microsoft, 3 stars for the rest of the world.

This is an excellent book for any beginner to intermediate programmer who would like to know the hooks and corners of securing the code.

The book starts rather philosophically and for any one who read Steve Maguire's book this might seem like a bit boring. But the real meat wont come until the part 2 where the author takes straight dive into the coding with lots of examples. Some of the web related examples deserve double clapping just for the effort the examples are bringing out the case of bad-news. This got to open up any programmer's eye and any managers mouth (in shock! that is).

The author takes us mostly into the world of Windows and C/C++ and some what into .NET and managed code behavior and security lapses one can get easily into.

While I enjoyed this book thoroughly, I just could not give it 5 stars because of its bia towards Windows and .NET framework. This can be accompanied with Steve Maguire's excellent book on Writing Solid "C" Code.

For an expert this book only offers few bits of additional information. This might be the case as the author tried to address many facets of programming and didn't concentrate on one subject alone. Ideally this book can be made into a separate series of books each concentrating on a single topic of interest.

This book does a great job on showing you that security is not exactly a feature you add to your software, but should be a part of every single line of code you write.

The text is very clear and fun, providing an easy and productive reading. As the book is based in some problems and techniches encountered/developed on the security push made at Microsoft on early 2002, it is very practical and realistic.

Good reading for anyone trying to develop a better vision of software security.

I have bought this book hoping to write a secure web page but I could get more advice search the microsoft web page than the book. Not recommended if you r writing for the web.

I got this book for free from Microsoft, because our company became a Microsoft Partner. I must admit that at first I was a little bit sceptical about it, because afterall this book is published by Microsoft and they have this reputation of selling rather insecure software themselves. But after reading the first few sections I knew it was going to be a very good read.

The book explains in very clear language almost every aspect of secure programming and gives a good overview of all common security flaws that can (and will!) enter your programming code. You'll learn how to securely design, implement, test and deploy your programs. Ofcourse buffer overruns are handled (Public Enemy #1 according to the authors), but that's only the tip of the iceberg. The book does a great job by identifying and providing solutions to common security pitfalls. Topics that are handled include: database access, user privileges and Access Control, Cryptography, handling secret data, user input, encoding and internationalization, RPC, DCOM, DOS attacks, .NET and writing secure program documentation.

I recommend this book to every programmer out there, even if you're not programming for the Win32-platform. Don't let the fact that this is a Microsoft publication refrain you from buying this book. If you are serious about writing secure programs this is the book to get.

A pretty good book if you are not very familiar with security issues. It has a very good introductory on threat modeling concepts from software engineering point of view.

It does a good job alerting developers of potential risks in their day-to-day coding practices. Although this is achieved somtimes through blatant bluff.

When it comes down to the hardcore issues, the book just scratches the surface most of the time.

A typical software product manager's writing with some technical touch. This is said because of the quality of the sample code presented. If you have read Jeffrey Ritchter's book, you know what I mean.

The 2nd edition is even better than the first. According to the intro, the first edition came out before the Windows group security push, and the 2nd is based on experience from several other teams (SQL Server, Visual Studio and others) doing a similar security push. The expanded .NET section has some great tips!

...so I picked it up and flipped through it. It is packed with valueable (and useable!) information. This book seems so useful, I ordered myself a copy. Nothing else out there talks about how to write (and test) the security aspects of an application.

I have to admit to being somewhat skeptical about this book, but after reading 3/4 of it, my skepticism is gone. It's wonderfully written, full of practical advice to designing and building secure software.

I think the most useful chapter is on threat modelling, we're building such models for all our apps.

Say what you will about Microsoft,but this book is great! And, hopefully a sign of things to come from the company.

Say what you will about Microsoft, but at least they are trying to solve their security ills, and I can see why this book is required reading for all developers at the company. It's well written, well edited and full of really useful stuff about designing and building secure systems.

It covers all the stuff you'd expect and much more: buffer overruns and how to prevent them, as well as ACLs, least priv, crypto, managed code, tesing, threat analysis, sockets mistakes, installation, web issues and much more.

If Microsoft follows the guidelines in this book, the will succeed if their goal of trustworthy computing.

This is a wonderful book that covers things that are often glossed over in other security books. For instance, the coverage of access control lists, and the difficulties of controlling them, are well covered. I wish it had more information on the .NET Framework (there are I believe 2 chapters covering .NET security issues) but the editing is clean (something I am a bit of a finatic about) and the writing style is good enough to make this relatively dry topic an enjoyable read.

This is a must read for todays savvy devloper. Michael is obviously a talented individual who shares his insight in a simple no nonsense fashion. You can spend 10 yrs making all these mistakes and learning from them or just read this book! I have brought several for our department that have become well thumbed in only a few weeks.

As a newcomer to security issues in networked systems, I read this book going progressively whiter, realising that most code, my own included, had glaring invitations to the ill-adjusted individuals that get kicks from spreading malware and owning other people's computers to do me some damage. This changes everything. This book is the first toolbox I have ever encountered for giving developers a better than even chance against the hackers. More power to Howard and LeBlanc's elbows! Well done, gentlemen.

I bought this book after the *Bill Gates* email came out about Microsoft being serious about security. I figured that when he sends email like this to the company, it's important. And when **he recommends this book** in the email, it's something worth looking at. It is - Writing Secure Code is great. It's an easy read, full of great design, development and testing principles and ideas.

The first couple of chapters revolve around design, in fact ch2 is over 70pp long, and it's all about how to design secure systems.

The bulk of the book focuses on secure coding, including buffer overruns, sockets, RPC, COM, Crypto, canoniclization issues, least privilege, storing secret data, Web apps - and more!

The last part of the book discusses common .NET coding errors, and how to build security test plans.

What makes this book utterly unique is it really teaches you how to design and test secure applications, as well as how to write them. The design and test stuff I have seen nowhere else.

The book is worth every penny, and I now know why Bill Gates recommends the book to all Microsoft developers.

This book tells you the nuts and bolts of secure programming in great detail and explained real well.

I especially enjoy the anecdotes, the authors obviously know their stuff and have plenty of experience!

This book covers real-world-apps and how to build them based on threats and common security coding mistakes.

It's a great book!

Wow -- a great and very unexpected find. Michael Howard's experience within the Microsoft organization and David LeBlanc's technical experiences at ISS blend very well to provide a very solid high-level overview of secure coding practices. Of the few texts available for this subject, I would rate this very highly. It is technically neutral enough to survive for longer than it takes me to write this review, while using enough examples to help the reader understand the issues.

This isn't a low-level coding "how-to", and doesn't pretend to be. Providing examples of how to implement every coding algorithm in the short history of coding would be counter-productive. Instead, Howard and LeBlanc provide excellent examples that teach the reader how to think securely, and then carry that information into their coding practices. Phenomenal read, well worth the time.

Finally a book written by authors who know their stuff and can express themselves well. I have read many books about security and most of them focus simply on how things work, but not ho to use them effectivley when designing and building networked applications. However, this book delivers: it is rich in depth and breadth, and is really easy to read.

What's surprising, is I thought I knew how to build secure apps, 'til I read this book!

I bought this after reading other reviews, and like many of them I found this book worth every cent. The three manjor portions of the book: secure design, secure coding and security testing are really well explained. In fact, I have never seen any other material in any book on security design and testing.

And to those that thing there are no good SSL examples, I have two comments, (a) yes, there is material in the book on when to use SSL (and when not to!) and (b) SSL is no panacea, sometimes SSL is not the correct solution to use, and this book offers exceptional recommendations on how to determine if SSL is indeed the correct solution or not.

Too many books talk about how to secure a network, and discuss network-based attacks, but this book is different; it covers how to design, build and test the code at the end of the pipe - the application software.

The book is complete in its explanation of how to make sure your application code, be it web-based or otherwise, is secured from attack.

I learned a great deal from this book, and, based on code and design reviews of my company's code, the authors obviously know what they are talking about - as we made a lot of fixes, and added many new security test cases to our test suites.

Simply put, we never knew we had problems, until we read this book, now it's mandatory reading for all our software engineers.

This book was prety good. I liked it less after thinking about some of the reviews here. One reviewer has a good point that this is not a book for the hardcore coder. It is more about high-level how to secure-it stuff. Still, I thought the other reviewer had a good point too about SSL. I didn't think about it until after i finished the book, but the topic wasn't covered at all. Is it really something where there are no pitfalls to using it? It's okay not to tell me about the API, but even if SSL doesn't have any problems, i would have at least liked to hear "use this, it will secure all your network connections, then you won't have to worry about any network attacks" or something like that.

Covers WIndows and Web security coding bugs like no other book. Very complete, and an easy read. The Web section is the only one of it's kind!

Note, this book is not focused on security features (SSL, IPSec etc), but rather how to build secure applications, and is a 'must have' for Web and Windows developers/designers and testers.

An excellent discussion of designing and writing secure code!

I had the opportunity to see Michael Howard speak at this year's Professional Developers Conference -- he opened my eyes to the programmatic side of security and clearly knows whereof he speaks.

(...)the authors begin with the business case, discuss how to integrate security awareness into the development process, and then move into discussions of techniques in a well-organized fashion. Example code is clear and to the point.

I highly recommend this book to anyone sincerely interested in writing high-quality software.

When deciding on whether or not to buy a book, I normally read the reviews to find out what people did not like. After checking out this book, I am shocked at the comments one of the reviewers wrote, as he unfairly panned the book on something that it was not intended to solve.
If you are looking for a heavy coders book to show you how to code security in your apps, this is probably not the best place to look. While there is some code, that is not the primary focus. You will also be disappointed if you are looking for code samples that easily migrate to other systems.
The book is, overall, very Microsoft-centric. Whether this is good or bad depends largely on your point of view. While you can apply many of the techniques to any platform to shore up holes in your code.
There are many of the security mistakes in this book that I found almost laughable, until I tested code on a few collegues sites. If you code your SQL strings in ADO, for example, you might be leaving a way for a malicious user to gain admin rights to your SQL Server.
If you think there is no way in the world you would ever need a book on security holes in code, then this book is probably tailor made for you. Understand, of course, if you do not do windows, the code samples will be far less useful than if you do.

There's no other book like this on the market. It is an extremely practical book with lessons learned from security teams at Microsoft. Not only do they tell you about real-life problems they've experienced, they tell you what to avoid and how to best fix security problems. The best thing I like about the book is that it comes with code examples throughout the book that you can use when building your secure applications. It goes completely down and dirty to the details, but with a good 30,000 foot view of how to address security from a Project Management level too.

We've (Foundstone) have been performing security assessments on products and applications for years and have seen the same problems they address in the book out in the software industry. But I still learned a lot of new tricks from the book, especially regarding the Microsoft platform. My only fear is that if people start reading this book, I'll be out of a job!

If you write code, are a project manager, tester, you need to go buy this book, especially if you are working on the Microsoft platform.

I know it's really weird buying a book from Microsoft written by people from Microsoft on secure code. Why should you trust them? They know more about Windows than most people!

I read the Linux Secure Programming book online, and the other book Building Secure Software. Those other two books are better organized. It felt more like a collection of lose tips than the other two.

It's also missing a lot. Even though I'd learned a lot of stuff from the other books, I bought this one because I needed to learn how to use the Microsoft APIs to do SSL programming, and I wasn't happy with the documentation I've got access to. I figured this book would have it, but it doesn't, which was a deep disappointment.

Now, this book has taught me some new tricks. It has lots of good windows-specific hints that other books don't have. But if you're not a Windows programmer, don't bother. They don't cover other operating systems as well as the other books do. The book also didn't really teach the basic principles as well as the others. Every Windows programmer should have this book on his desk, but only for the Windows-specific stuff. Buy a better book first.

after reading the secure web app chapter, i rushed out and fixed about seven errors in my web-based finance app. the security bugs were bugs i didn't know i had!

we've also built cross-site scripting tests based on the commentary in the testing chapter.

GREAT BOOK!

A wonderfully complete book on building secure applications. It covers web stuff, Win32 stuff as well as common security mistakes in any OS or platform. There's a chapter covering security mistakes which could be made when writing .NET Managed code.

What I really like is the the book covers design, coding and testing, the design and testing chapters are comprehensive, very well written and I found I could use the information straight away in my job.

I have only read 6 chapters, and already I have learned a great deal.

If you are a shop which has unix boxes as well as web-based and Win32 boxes, then you should buy this along with Building Secure Software; between them they cover most everything.

Worth every cent!