Written by the experts at 37signals, this book shows hundreds of real-world examples from companies like Amazon, Google, and Yahoo that show the right (and wrong) ways to get defensive. Readers will learn 40 guidelines to prevent errors and rescue customers if a breakdown occurs. They'll also explore how to evaluate their own site's defensive design and improve it over the long term.
If you are in charge of the user experience, development, or strategy for a web site, A Web for Everyone will help you make your site accessible without sacrificing design or innovation. Rooted in universal design principles, this book provides solutions: practical advice and examples of how to create sites that everyone can use.
No matter how visually appealing or content-packed a Web site may be, if it's not adaptable to a variety of situations and reaching the widest possible audience, it isn't really succeeding. In Bulletproof Web Desing, author and Web designer extraordinaire, Dan Cederholm outlines standards-based strategies for building designs that provide flexibility, readability, and user control--key components of every sucessful site. Each chapter starts out with an example of an unbulletproof site one that employs a traditional HTML-based approach which Dan then deconstructs, pointing out its limitations. He then gives the site a make-over using XHTML and Cascading Style Sheets (CSS), so you can see how to replace bloated code with lean markup and CSS for fast-loading sites that are accessible to all users. Finally, he covers several popular fluid and elastic-width layout techniques and pieces together all of the page components discussed in prior chapters into a single-page template.
Rigorously test and improve the security of all your Web software! It’s as certain as death and taxes: hackers will mercilessly attack your Web sites, applications, and services. If you’re vulnerable, you’d better discover these attacks yourself, before the black hats do. Now, there’s a definitive, hands-on guide to security-testing any Web-based software: How to Break Web Software. In this book, two renowned experts address every category of Web software exploit: attacks on clients, servers, state, user inputs, and more. You’ll master powerful attack tools and techniques as you uncover dozens of crucial, widely exploited flaws in Web architecture and coding. The authors reveal where to look for potential threats and attack vectors, how to rigorously test for each of them, and how to mitigate the problems you find. Coverage includes · Client vulnerabilities, including attacks on client-side validation · State-based attacks: hidden fields, CGI parameters, cookie poisoning, URL jumping, and session hijacking · Attacks on user-supplied inputs: cross-site scripting, SQL injection, and directory traversal · Language- and technology-based attacks: buffer overflows, canonicalization, and NULL string attacks · Server attacks: SQL Injection with stored procedures, command injection, and server fingerprinting · Cryptography, privacy, and attacks on Web services Your Web software is mission-critical–it can’t be compromised. Whether you’re a developer, tester, QA specialist, or IT manager, this book will help you protect that software–systematically.
Building an elegant, functional website requires more than just knowing how to code. In Adaptive Web Design, Second Edition, you’ll learn how to use progressive enhancement to build websites that work anywhere, won’t break, are accessible by anyone—on any device—and are designed to work well into the future. This new edition of Adaptive Web Design frames even more of the web design process in the lens of progressive enhancement. You will learn how content strategy, UX, HTML, CSS, responsive web design, JavaScript, server-side programming, and performance optimization all come together in the service of users on whatever device they happen to use to access the web. Understanding progressive enhancement will make you a better web professional, whether you’re a content strategist, information architect, UX designer, visual designer, front-end developer, back-end developer, or project manager. It will enable you to visualize experience as a continuum and craft interfaces that are capable of reaching more users while simultaneously costing less money to develop. When you’ve mastered the tenets and concepts of this book, you will see the web in a whole new way and gain web design superpowers that will make you invaluable to your employer, clients, and the web as a whole. Visit http://adaptivewebdesign.info to learn more.
Using patterns to help Web designers develop a site that attracts visitors, this text reveals ways to understand customers and their needs, and ways to keep customers involved through good design.
The goal of Defensive Programming is to produce resilient code that responds gracefully to the unexpected. Inside this book, you will find dozens of practical, defensive programming techniques that will improve the quality of your T-SQL code and increase its resilience and robustness.
Despite the increase of high-profile hacks, record-breaking data leaks, and ransomware attacks, many organizations don’t have the budget to establish or outsource an information security (InfoSec) program, forcing them to learn on the job. For companies obliged to improvise, this pragmatic guide provides a security-101 handbook with steps, tools, processes, and ideas to help you drive maximum-security improvement at little or no cost. Each chapter in this book provides step-by-step instructions for dealing with a specific issue, including breaches and disasters, compliance, network infrastructure and password management, vulnerability scanning, and penetration testing, among others. Network engineers, system administrators, and security professionals will learn tools and techniques to help improve security in sensible, manageable chunks. Learn fundamentals of starting or redesigning an InfoSec program Create a base set of policies, standards, and procedures Plan and design incident response, disaster recovery, compliance, and physical security Bolster Microsoft and Unix systems, network infrastructure, and password management Use segmentation practices and designs to compartmentalize your network Explore automated process and tools for vulnerability management Securely develop code to reduce exploitable errors Understand basic penetration testing concepts through purple teaming Delve into IDS, IPS, SOC, logging, and monitoring
Since his 1990 landmark book Overcoming Organizational Defenses, Chris Argyris has extensively researched and written about how well-meaning, smart people create vicious cycles of defensive behavior to protect themselves from embarrassment and threat. In Discussing the Undiscussable, Bill Noonan enlivens the scholarly work of Chris Argyris through the use of reflective exercises and easy-to-read chapters that illuminate the basic human experience endemic to the creation of defensive routines. This book offers hope for altering organizational defensive routines by leveraging the greatest opportunity for change—the way we think and act. Discussing the Undiscussable provides a set of practical “how to do” exercises for detecting, surfacing, and discussing organizational defensive routines in a safe and productive way. The combination of text, business fable, and interactive and reflective exercises is versatile in its application to both individuals and groups. The companion DVD contains video vignettes of the book’s business fable where the actors model both defensive routines and virtuous cycles of behavior. Readers will instantly recognize what has long been going on in the workplace, and will be able to develop the skills to talk about it productively.
