The Tangled Web: A Guide to Securing Modern Web Applications

Author: Michal Zalewski
3.9
This Month Hacker News 2

Comments

by elorant   2018-11-10
That's funny because there is another book [1] with exactly the same title and also about computer security, although it predates the one you mention by a decade.

[1] https://www.amazon.com/Tangled-Web-Securing-Modern-Applicati...

by dmix   2018-11-10
If you don't know who this is, he wrote one of my favourite books on web (browser) security: "The Tangled Web" [1].

Another lesser known book by him is also worth a read: "Silence on the Wire" that takes a look at the full information security stack from the keyboard you type on, to the wires the data transits, to the internet protocols, etc [2] and looking at how each stage exposes/protects data.

And has quite an interesting history in infosec beyond that [3].

[1] https://www.amazon.com/Tangled-Web-Securing-Modern-Applicati...

[2] https://www.amazon.com/Silence-Wire-Passive-Reconnaissance-I...

[3] https://en.wikipedia.org/wiki/Micha%C5%82_Zalewski