Over the years, JIRA has grown from a simple bug tracking system designed for engineers to manage their projects to an all-purpose issue tracking solution. As it has matured over time, JIRA has become more than an application; it has transformed into a platform, with a suite of other products that are built on it, enabling it to adapt and deliver value to a wide variety of use cases. JIRA 6 is …
Executives and security technologists need a common understanding of web application security risks and how to find and fix them. This book provides common points of understanding to enable both groups to collaborate on building secure web application frameworks. The book translates with simplicity and brevity the technical world of threats, vulnerabilities, mitigation, prevention, and level o…
In the summer of 2005, systems administrators and security researchers from all over the world gathered in Las Vegas, Nevada for Black Hat, one of the largest computer security conferences in the world. On the morning of the first day, Michael Lynn, one of the authors of this book, was scheduled to speak about vulnerabilities in Cisco routers. These vulnerabilities were serious: an attacker cou…
Node.js and MongoDB are quickly becoming very popular tech stacks for the Web. Powered by Google's V8 engine, Node.js caters to easily building fast, scalable network applications while MongoDB is the perfect fit as a scalable, high-performance, open source NoSQL database solution. Using these two technologies together, web applications can be built quickly and easily and deployed to the clou…
In this part of the book, you discover how to create a security plan that you can use when writing applications. Having a good security plan ensures that your application actually meets specific goals and that others can discuss how to implement security with the development team. Without a good security plan in place, hackers often find easy access to the application and cause all kinds of pro…
Deciding to add security to a web application is like deciding whether to wear clothes in the morning. Both decisions provide comfort and protection throughout the day, and in both cases the decisions are better made beforehand rather than later. Just look around and ask yourself, “How open do I really want to be with my neighbors?” Or, “How open do I really want them to be with me?” …
To make best use of web services and SOAP, you must have a firm understanding of the principles and technologies upon which they stand. This chapter is an introduction to a variety of new technologies, approaches, and ideas for writing web-based applications to take advantage of the web services architecture. SOAP is one part of the bigger picture described in this chapter, and you'll learn how…
This book covers a vast array of information related to packetC. It is a complete language reference and contains background information on many unique parts of packetC. As packetC shares much of its grammar with C, the book focuses on being an instructional language reference and not a general C programming introduction, since extensive texts exist on that topic. Focusing the unique aspects of…
Basic network architecture and construction is a good starting point when trying to understand how communication systems function, even though the topic is a bit dull. Architectures are typically based on a model showing how protocols and functions fit together. Historically, there have been many models used for this purpose, including, but not limited to, Systems Network Architecture (SNA-IBM)…
Social applications are, by default, applications with the potential to be used by many users at the same time. I know, the first word that comes to your mind is scalability, but that is just one of the challenges you must tackle, and possibly not the hardest. Your application needs to work for almost every user who decides to give it a try, from the perspectives of usability and user experienc…
The Essential Handbook of Internal Auditing contains the same format as the original handbook and includes chapters on Corporate Governance Perspectives, Managing Risk and Internal Controls. It is only after having addressed these three interrelated topics that we can really appreciate the internal audit role. There are chapters on professional standards, audit approaches, managing internal aud…
The first step in diagnosing a network problem is to collect information. This includes collecting information from your users as to the nature of the problems they are having, and it includes collecting data from your network. Your success will depend, in large part, on your efficiency in collecting this information and on the quality of the information you collect. This book is about tools yo…
AWS is not easy; it combines skills of several different (established) crafts. It is different from traditional systems administration, and it’s not just developing a piece of software. If you have practiced one or both of these skills, all you need is to be inquisitive and open to learning. Our background is in software engineering. We are computer scientists with extensive software engineer…
We begin to jump into the PHP code within this chapter. You will learn about PHP best coding practices when it comes to performance. You will learn about constructing a faster-running for loop, how to include files using the optimal PHP function, and, most importantly, how to use and install VLD, strace, and Xdebug. Once VLD and strace are installed, you will analyze Opcode, as well as the Apac…
This PhoneGap 4 cookbook is a practical guide to developing hybrid applications using PhoneGap or Cordova. The sample applications here are based on real-world use cases and are shown step by step. This book covers the standard workflow using the Cordova command-line interface, and the extension of hybrid applications using various Cordova plugins. It also covers the development of hybrid appl…
When Olaf Kirche joined the LDP in 1992, he wrote two small chapters on UUCP and smail, which he meant to contribute to the System Administrator’s Guide. Development of TCP/IP networking was just beginning, and when those “small chapters” started to grow, he wondered aloud whether it would be nice to have a Networking Guide. “Great!” everyone said. “Go for it!” So he went for it a…
To be able to define IoT, let's first look at how the term was coined. Kevin Ashton noted that most data on the Internet was at the time originally entered or captured into the system by human beings. From a system point of view, a human is nothing more than a slow, error-prone, and inefficient router of data that puts limits on quality and quantity of data available and sometimes even dares to…
Firewalls are a staple of almost every network in the world. The firewall protects nearly every network-based transaction that occurs, and even the end user understands its metaphoric name, meant to imply keeping out the bad stuff. But firewalls have had to change. Whether it’s the growth of networks or the growth of network usage, they have had to move beyond the simple devices that only req…
After you’ve spent some time in the networking field, you tend to notice that there is rarely a single way to do things, and in many cases, rarely a single, precise definition for terms. After all, often a network engineer’s best answer is “it depends.” Such is the case with enterprise routing, so let’s start off with a definition question: what is an enterprise network? Is it a large…
This book describes the jobs that I and other networking engineers have performed on client networks over the past few years. We are considered network warriors because of the way that we attack networking challenges and solve issues for our clients. Network warriors come from different backgrounds, including service provider routing, security, and the enterprise. They are experts on many diffe…