Dave Aitel is the founder of Immunity, Inc. (www.immunitysec.com), with prior experience at both private industry security consulting companies and the National Security Agency. His tools, SPIKE and SPIKE Proxy, are widely regarded as the best black box application assessment tools available.Susan Young has worked in the security field for the past seven years, four of which have been spent in the security consulting arena, helping clients design and implement secure networks, training on security technologies, and conducting security assessments and penetration tests of client system or network defenses (so-called ethical hacking). Her experience has included consulting work in the defense sector and the financial industry, as well as time spent evaluating and deconstructing various security products. She currently works as a senior security consultant in the Boston area security practice of International Network Services (INS).
By the author's providing a 'hacker' perspective, readers will more fully understand the ramifications of having an insecure computer, server, network, program, database and or policy. The book [includes] a good table of contents that is extensive, very organized and thorough . [T]here are important discussions of the non-technical kind [of insecurity] like policy, which is too often overlooked in many organizations. What is most impressive about the book is its outlines of specific exploits and attacks with prescribed defenses. Coupled with good illustrations and detailed explanations[, ] this is a greet resource for both academic and public libraries. - E-Streams, Vol. 7, No. 9, Sept. 2004 Awesome work! -Anton Chuvakin, Ph.D., GCIA, GCIH, netForensics Promo Copy