Definitely a worthy book for developers and security pros alike

Hacking the Code is a must read if you want to pick apart .NET Web applications in the name of better security. More people in development and IT need to read books like this. I like how it focuses on ASP.NET - the language that a large portion of Web applications are developed in today. The book covers the important areas of securing applications and shows some good examples. Appendix A also has some good ASP.NET code samples for real-world concerns.

I especially like the coverage on authentication mechanisms which is something that's often taken for granted by developers but where I tend to find a lot of the weaknesses in the work I do. Plus it doesn't just focus on the technical side of things with the coverage of users awareness and policies. Overall, very good at covering the root of many of our security problems.

Other Reviews

• Definitely a worthy book for developers and security pros alike
• Spot on
• Secure Coding 101
• very unprofessional