The root of computer vulnerabilities, and the proper place to address them, say Thompson (director of security technology at Security Innovation LLC) and Chase (security architect, SI Government Solutions) is at the software level. In this work, they provide advice to software developers on how to avoid the code flaws that lead to security vulnerabilities and to testers on how to detect such vulnerabilities. They discuss problems that allow system level attacks, data parsing, information disclosure, connection vulnerabilities, and browser security. The CD-ROM contains the code and projects from the book\'s various examples, as well as a number of open-source security testing tools.