This book is part of the Software Engineering Institute (SEI) Series in Software Engineering, and it lives up to this series’ reputation for publishing books with high-quality information presented in an understandable way. The author, Robert Seacord, is a senior vulnerability analyst with CERT Coordinating Committee (CERT/CC) at Carnegie Mellon University. CERT is the premier US computer security analysis and response organization. He has been at SEI (the parent organization of CERT) for over 19 years, and has published over 40 books and papers on security and other software engineering topics.

The stated goal of this book is to educate readers about the causes of software security vulnerabilities and provide the means to prevent (or at least mitigate) their inclusion in, and subsequent impact on, software. The author wants to reach a wide audience, including software developers, security analysts, program managers, and computer science majors. His focus is on code written in the C and C++ programming languages running on the Microsoft Windows and Linux operating systems.

Unlike several recent, popular books dealing with secure coding, this book deals almost exclusively with coding vulnerabilities. The introductory chapter, “Running with Scissors” (an apt metaphor for the current world of increasingly prevalent and increasingly nasty viruses, worms, and other malware spread by the Internet and wide/local area networks), first discusses the threats and costs of creating and using insecure code. The next section provides clear, concise definitions of key security concepts. The rest of the chapter presents a high-level overview of the C and C++ languages and the development platforms (operating systems, compilers, and so on) on which they are used. Each of the following six chapters discusses a major coding issue. All of these chapters have a similar format: an extensive discussion of the security vulnerability; a section on mitigation strategy (how to avoid creating insecure code); a section describing well-known and often widely used software containing the vulnerability; a summary section; and a further reading section. The vulnerability topics of these chapters are strings, pointers, dynamic memory management, formatted output, and file input/output (I/O). The final chapter recommends practices to reduce the likelihood of creating software security vulnerabilities. These practices are based on the software life cycle comprising requirements, architecture and design, implementation, quality assurance/testing, and post-deployment.

Seacord is a good writer and attains the goal of the book. He employs many examples of both secure and insecure code with adequate text descriptions. This feature, while appealing to developers and students, makes the book a slow read for program managers who often do not have the technical expertise to understand this information. This book could be used as a textbook, but it has no chapter problems and solutions. Anyone serious about developing secure code in C, C++, or a similar language like Java should buy this book, read it thoroughly, and keep it on the shelf above her monitor.