At Artech House, we ask our authors what problems their books can help readers solve. In this series, we share what our authors aim to do in their writing. Read on to find out what Serge Borso, who wrote The Penetration Tester’s Guide to Web Applications had to say:
What are the features of your book and the specific benefits a reader can expect to derive from those features?
- Bridging the gap between high risk vulnerabilities and exploiting flaws to get shell access
- Working in a professional services space to produce quality and thorough testing results
- Understanding the requirements of providing a best-of-class penetration testing service
- The problem of not knowing how to approach a web app pen test
- The challenge of integrating a mature pen testing program into an organization
What are the features of your book and the specific benefits a reader can expect to derive from those features?
- The feature of providing clear and easy to follow information about the web application penetration testing program may benefit the buyer by enabling the buyer to understand the concepts in such a way that she can take the information to her place of business and provide a better service to her company/clients.
- The feature of discussing each OWASP top ten vulnerability in depth may benefit the buyer by providing the required information to conduct a thorough test for these common flaws during their next penetration testing engagement.
- The feature of including hands-on labs may benefit the buyer by combining multiple learning styles to drive home concepts, knowledge and feeling like there is a value-add to the book.
Please name the audiences at which this book is aimed. How will this audience use your book?
- Penetration Tester: A penetration tester will use this book to enhance their skills as web application penetration testing is one of several very common types of penetration tests.
- Cyber Security Student: A student studying cyber security will use this book to understand how web app pen testing is performed and gain a level of skills in this area. This book could be used as a text book for any cyber security student with a focus on “appsec” (application security)
- Security professionals: A Security professional (devsecops person, security analyst, security engineer, security manager) will use this book to sharpen their skills in the world of web applications.
- Developer/SOC Analyst: A SOC analyst would use this book to become more familiar with common web application attacks and use this information to develop defenses against these attacks.
For more information or to order, click here.
