Computers are everywhere. Some of them are highly visible, in laptops, tablets, cell phones, and smart watches. But most are invisible, like those in appliances, cars, medical equipment, transportation systems, power grids, and weapons. We never see the myriad computers that quietly collect, share, and sometimes leak vast amounts of personal data about us. Through computers, governments and companies increasingly monitor what we do. Social networks and advertisers know far more about us than we should be comfortable with, using information we freely give them. Criminals have all-too-easy access to our data. Do we truly understand the power of computers in our world?
Understanding the Digital World explains how computer hardware, software, networks, and systems work. Topics include how computers are built and how they compute; what programming is and why it is difficult; how the Internet and the web operate; and how all of these affect our security, privacy, property, and other important social, political, and economic issues. This book also touches on fundamental ideas from computer science and some of the inherent limitations of computers. It includes numerous color illustrations, notes on sources for further exploration, and a glossary to explain technical terms and buzzwords.
Understanding the Digital World is a must-read for all who want to know more about computers and communications. It explains, precisely and carefully, not only how they operate but also how they influence our daily lives, in terms anyone can understand, no matter what their experience and knowledge of technology.
Distributed Programming: Theory and Practice bridges the gap between books that focus on specific concurrent programming languages and books that focus on distributed algorithms. Programs are written in a "real-life" programming notation, along the lines of Java and Python with explicit instantiation of threads and programs. Students and programmers will see these as programs and not "merely" algorithms in pseudo-code. The programs implement interesting algorithms and solve problems that are large enough to serve as projects in programming classes and software engineering classes. Exercises and examples are included at the end of each chapter with on-line access to the solutions.
Distributed Programming: Theory and Practice is designed as an advanced-level text book for students in computer science and electrical engineering. Programmers, software engineers and researchers working in this field will also find this book useful.
Security automation is the automatic handling of software security assessments tasks. This book helps you to build your security automation framework to scan for vulnerabilities without human intervention.
This book will teach you to adopt security automation techniques to continuously improve your entire software development and security testing. You will learn to use open source tools and techniques to integrate security testing tools directly into your CI/CD framework. With this book, you will see how to implement security inspection at every layer, such as secure code inspection, fuzz testing, Rest API, privacy, infrastructure security, and web UI testing.
With the help of practical examples, this book will teach you to implement the combination of automation and Security in DevOps. You will learn about the integration of security testing results for an overall security status for projects.
By the end of this book, you will be confident implementing automation security in all layers of your software development stages and will be able to build your own in-house security automation platform throughout your mobile and cloud releases.What you will learnAutomate secure code inspection with open source tools and effective secure code scanning suggestionsApply security testing tools and automation frameworks to identify security vulnerabilities in web, mobile and cloud servicesIntegrate security testing tools such as OWASP ZAP, NMAP, SSLyze, SQLMap, and OpenSCAPImplement automation testing techniques with Selenium, JMeter, Robot Framework, Gauntlt, BDD, DDT, and Python unittestExecute security testing of a Rest API Implement web application security with open source tools and script templates for CI/CD integrationIntegrate various types of security testing tool results from a single project into one dashboardWho this book is for
The book is for software developers, architects, testers and QA engineers who are looking to leverage automated security testing techniques.
The nature of systems programming languages lies at the heart of the problem. Rather than rewriting decades of well-tested functionality, this book examines ways to live with the (programming) sins of the past while shoring up security in the most efficient manner possible. We explore a range of different options, each making significant progress towards securing legacy programs from malicious inputs.
The solutions explored include enforcement-type defenses, which excludes certain program executions because they never arise during normal operation. Another strand explores the idea of presenting adversaries with a moving target that unpredictably changes its attack surface thanks to randomization. We also cover tandem execution ideas where the compromise of one executing clone causes it to diverge from another thus revealing adversarial activities. The main purpose of this book is to provide readers with some of the most influential works on run-time exploits and defenses. We hope that the material in this book will inspire readers and generate new ideas and paradigms.
Numbers are often intimidating, confusing, and even deliberately deceptive—especially when they are really big. The media loves to report on millions, billions, and trillions, but frequently makes basic mistakes or presents such numbers in misleading ways. And misunderstanding numbers can have serious consequences, since they can deceive us in many of our most important decisions, including how to vote, what to buy, and whether to make a financial investment. In this short, accessible, enlightening, and entertaining book, leading computer scientist Brian Kernighan teaches anyone—even diehard math-phobes—how to demystify the numbers that assault us every day.
With examples drawn from a rich variety of sources, including journalism, advertising, and politics, Kernighan demonstrates how numbers can mislead and misrepresent. In chapters covering big numbers, units, dimensions, and more, he lays bare everything from deceptive graphs to speciously precise numbers. And he shows how anyone—using a few basic ideas and lots of shortcuts—can easily learn to recognize common mistakes, determine whether numbers are credible, and make their own sensible estimates when needed.
Giving you the simple tools you need to avoid being fooled by dubious numbers, Millions, Billions, Zillions is an essential survival guide for a world drowning in big—and often bad—data.
The book features hundreds of interesting and practical examples of well-written Go code that cover the whole language, its most important packages, and a wide range of applications. Each chapter has exercises to test your understanding and explore extensions and alternatives. Source code is freely available for download from http://gopl.io/ and may be conveniently fetched, built, and installed using the go get command.
After reading this book, you should be able to use these tools to do some testing and even working on penetration projects. You just need to remember not to use these techniques in a production environment without having a formal approval.