Addison-Wesley Professional Showcases The New School of Information Security at RSA 2008

Addison-Wesley Professional is featuring new titles at RSA 2008, the information security forum being held April 7-11 at San Francisco's Moscone Center, including The New School of Information Security, Software Security Engineering: A Guide for Project Managers, Crimeware: Understanding New Attacks and Defenses and dotCrime Manifesto.

SAN FRANCISCO (Business Wire EON) April 7, 2008 -- Addison-Wesley Professional is featuring new titles at RSA 2008, the information security forum being held April 7-11 at San Francisco’s Moscone Center, including The New School of Information Security, Software Security Engineering: A Guide for Project Managers, Crimeware: Understanding New Attacks and Defenses and dotCrime Manifesto.

News Facts

• The New School of Information Security, by Adam Shostack and Andrew Stewart, focuses on a future vision for the security industry, centering on what threats companies now face and how they can best face them. The book discusses why security is failing, provides a pragmatic approach to spending, and helps organizations evaluate and structure their security programs. For more information, visit www.informit.com/title/9780321502780. The book is also Safari Books Online-enabled and available at http://safari.informit.com/9780321502780.
• The forthcoming Software Security Engineering provides readers with a set of sound practices they can adopt selectively to increase the security and dependability of software, both during its development and its operation. For more information, visit www.informit.com/title/9780321509178. Author Gary McGraw will be speaking at the track session Electronic Voting: The Politics of Broken Systems (Thursday morning at 10:40 in Green Room 103).
• Crimeware: Understanding New Attacks and Defenses helps security professionals, technical managers, students, and researchers understand and prevent specific crimeware threats. Security experts Markus Jakobsson and Zulfikar Ramzan have brought together chapter contributors who are among the best and the brightest in the security industry. For additional information, visit www.informit.com/title/9780321501950.
• The recently released dotCrime Manifesto, written by Dr. Phillip Hallam-Baker, begins with a revealing new look at the challenge of Internet crime– and a surprising look at today’s Internet criminals. The book examines why the Internet’s lack of accountability makes it so vulnerable, and how this can be fixed – technically, politically, and culturally. For more information, visit www.informit.com/title/9780321503589. This book is also Safari Books Online-enabled available at http://safari.informit.com/9780321503589. Author Hallam-Baker will be providing two track sessions, including Security Usability: The New Challenge (Tuesday, April 08 at 4:10 PM, Red Room 309) and Extended Validation: Raising the Bar for Internet Trust (Thursday, April 10 at 9:10 AM, Red Room 308).

Author Bios

Adam Shostack, co-author of The New School of Information Security, is part of Microsoft’s Security Development Lifecycle strategy team, where he is responsible for security design analysis techniques. Before Microsoft, Adam was involved in a number of successful start-ups focused on vulnerability scanning, privacy, and program analysis. He helped found the CVE, International Financial Cryptography association, and the Privacy Enhancing Technologies workshop. He has been a technical advisor to companies including Counterpane Internet Security and Debix.

Andrew Stewart, co-author of The New School of Information Security, is a Vice President at a US-based investment bank. His work on information security topics has been published in journals such as Computers & Security and Information Security Bulletin. His homepage is homepage.mac.com/andrew_j_stewart

Gary McGraw, co-author of the upcoming book Software Security Engineering, is the CTO of Cigital, Inc., a software security and quality consulting firm with headquarters in the Washington, D.C., area. He is a globally recognized authority on software security and the author of six best selling books on this topic. The latest is Exploiting Online Games (Addison-Wesley, 2008). His other titles include Java Security, Building Secure Software, Exploiting Software, and Software Security; and he is editor of the Addison-Wesley Software Security series. McGraw has also written more than ninety peer-reviewed scientific publications, authors a monthly security column for darkreading.com, and is frequently quoted in the press. Besides serving as a strategic counselor for top business and IT executives, Gary is on the Advisory Boards of Fortify Software and Raven White. He serves on the Dean’s Advisory Council for the School of Informatics at Indiana University. Gary is an IEEE Computer Society Board of Governors member and produces the monthly Silver Bullet Security Podcast for IEEE Security & Privacy magazine.

Markus Jakobsson, Ph.D. co-author of Crimeware: Understanding New Attacks and Defenses, is currently principal scientist at Palo Alto Research Center, and an adjunct associate professor at Indiana University. He has previously held positions as principal research scientist at RSA Laboratories, adjunct associate professor at New York University, and was a member of the technical staff at Bell Laboratories. He studies the human factor of security and cryptographic protocols, with a special focus on privacy. Markus has co-authored more than a hundred peer-reviewed articles and is a co-inventor of more than 50 patents and patents pending.

Zulfikar Ramzan, Ph.D. co-author of Crimeware: Understanding New Attacks and Defenses, is currently a senior principal researcher with Symantec Security Response. He focuses on improving the security of the online experience, including understanding threats like phishing, online fraud, malicious client-side software, and web security. In general, Zulfikar’s professional interests span the theoretical and practical aspects of information security and cryptography. He is a frequent speaker on these issues and has coauthored more than 50 technical articles and one book.

Dr. Phillip Hallam-Baker has been at the center of the development of the World Wide Web, electronic commerce, and Internet security for more than a decade. A member of the CERN team that created the original Web specifications, his list of design credits has few rivals and includes substantial contributions to the design of HTTP, the core protocol of the World Wide Web. A frequent speaker at international conferences with more than 100 appearances over the past four years and numerous media interviews, Hallam-Baker is known for his passionate advocacy of what he calls technology for real people. His mission is to democratize technology, making technology serve the needs of the ordinary person rather than interest technologists or an artificial business model. The dotCrime Manifesto serves this mission by reaching out beyond the field of network security specialists to provide a firsthand, accessible account of the measures needed to control Internet crime.

OnSecurity Video Podcasts by author Gary McGraw

• Software Security and Cybercrime (video); link: http://www.informit.com/podcasts/episode.aspx?e= 528856b1-a838-4564-a2dc-ab3629920529
• Software Security: Building Security In (video); link: http://www.informit.com/podcasts/episode.aspx?e= 877e9cce-7f1a-4d3b-821e-2d0d9ae74655
• Breaking Barriers to Security Implementation (video); link: http://www.informit.com/podcasts/episode.aspx?e= 37b269bd-1aaa-4169-b276-e3229d984ef2
• The Implicit Demand of Software Security (video); link: http://www.informit.com/podcasts/episode.aspx?e= 4fc6bda8-c8c0-426e-b7ad-07275d636f34

All OnSecurity Podcasts also available at iTunes.

About Pearson Education

Educating 100 million people worldwide, Pearson Education is the global leader in educational and professional publishing, providing scientifically research-based print and digital programs to help people of all ages learn at their own pace, in their own way. Professionals, leaders, academics, experts, and consultants draft the books and online resources that help develop today's and tomorrow's business leaders. Top technology companies that have chosen Pearson Education as their publishing partner include IBM, Symantec, Cisco, Adobe, and Macromedia. The company is home to such renowned publishing and information portal brands as Informit.com, Prentice Hall Professional, IBM Press, Addison-Wesley Professional, Peachpit Press, Cisco Press, Sams Publishing, and Que Publishing. Pearson Education is part of Pearson (NYSE: PSO), the international media company. In addition to Pearson Education, Pearson's primary operations include the Financial Times Group and the Penguin Group.

About InformIT

InformIT is the online publishing arm of Pearson Technology Group, the world's largest provider of professional reference content on operating systems, networking, programming, certification, web development and design, information technology, and engineering. InformIToffers authoritative, accurate content written by the experts in the field from leading technology publishers, including Prentice Hall Professional, IBM Press, Addison-Wesley Professional, Cisco Press, Sams Publishing and Que Publishing -names technology professionals and home and office computing users trust.

Technorati Keywords: Software Security, IT, Technology, RSA Conference, Computer, Book, Publishing.

Note to Editors: Due to their length, some of the URLs above may need to be copied/pasted into your Internet browser's address field. Remove the extra space if one exists.