Release date: 1 August 2014
Language: English (528 pages)
ISBN: 978-1907117046
Formats: Paperback, PDF, EPUB, Kindle, Online (no DRM)
Bulletproof SSL and TLS
Book Reviewer Kit
Understanding and deploying SSL/TLS and Internet PKI to secure servers and web applications, by Ivan Ristić

Short Description

For system administrators, developers, and IT security professionals, this book provides comprehensive coverage of the ever-changing field of SSL/TLS and Internet PKI. Written by Ivan Ristić, a security researcher and author of SSL Labs, this book will teach you everything you need to know to protect your systems from eavesdropping and impersonation attacks.

Full Description

Bulletproof SSL and TLS is a complete guide to using SSL and TLS encryption to deploy secure servers and web applications. Written by Ivan Ristić, the author of the popular SSL Labs web site, this book will teach you everything you need to know to protect your systems from eavesdropping and impersonation attacks.

In this book, you’ll find just the right mix of theory, protocol detail, vulnerability and weakness information, and deployment advice to get your job done:

  • Comprehensive coverage of the ever-changing field of SSL/TLS and Internet PKI, with updates to the digital version
  • For IT security professionals, help to understand the risks
  • For system administrators, help to deploy systems securely
  • For developers, help to design and implement secure web applications
  • Practical and concise, with added depth when details are relevant
  • Introduction to cryptography and the latest TLS protocol version
  • Discussion of weaknesses at every level, covering implementation issues, HTTP and browser problems, and protocol vulnerabilities
  • Coverage of the latest attacks, such as BEAST, CRIME, BREACH, Lucky 13, RC4 biases, Triple Handshake Attack, and Heartbleed
  • Thorough deployment advice, including advanced technologies, such as Strict Transport Security, Content Security Policy, and pinning
  • Guide to using OpenSSL to generate keys and certificates and to create and run a private certification authority
  • Guide to using OpenSSL to test servers for vulnerabilities
  • Practical advice for secure server configuration using Apache httpd, IIS, Java, Nginx, Microsoft Windows, and Tomcat

This book is available in paperback and a variety of digital formats without DRM.

About the Author

Ivan Ristić is a security researcher, engineer, and author, known especially for his contributions to the web application firewall field and development of ModSecurity, an open source web application firewall, and for his SSL/TLS and PKI research, tools, and guides published on the SSL Labs web site.

He is the author of three books: Apache Security (O’Reilly, 2005), ModSecurity Handbook (Feisty Duck, 2010) and Bulletproof SSL and TLS (Feisty Duck, 2014). Ivan is an active participant in the security community, and you’ll often find him speaking at security conferences, such as Black Hat, RSA, OWASP AppSec, and others. He’s currently Director of Application Security Research at Qualys.

Quotes

“The most comprehensive book about deploying TLS in the real world!”

Nasko Oskov, Chrome Security developer and former SChannel developer

“Meticulously researched.”

Eric Lawrence, Fiddler author and former Internet Explorer Program Manager

“The most to the point and up to date book about SSL/TLS I've read.”

Jakob Schlyter, IT security advisor and DANE co-author


About Feisty Duck

Feisty Duck is a publisher of fine technology books, with a special focus on computer security and open source. Our books are published in a way that aims to bridge the gap between traditional publishing and the new digital age.