Secure by Design

ISBN
9781617294358
$49.99
Author Daniel Deogun, Daniel
Format Paperback
Details
  • 9.2" x 7.4" x 0.8"
  • Active Record
  • Individual Title
  • 2019
  • 410
  • Yes
  • 22
  • QA76.76.D47
Summary Secure by Design teaches developers how to use design to drive security in software development. This book is full of patterns, best practices, and mindsets that you can directly apply to your real world development. You'll also learn to spot weaknesses in legacy code and how to address them. Foreword by Daniel Terhorst-North. Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the Technology Security should be the natural outcome of your development process. As applications increase in complexity, it becomes more important to bake security-mindedness into every step. The secure-by-design approach teaches best practices to implement essential software features using design as the primary driver for security. About the Book Secure by Design teaches you principles and best practices for writing highly secure software. At the code level, you'll discover security-promoting constructs like safe error handling, secure validation, and domain primitives. You'e(tm)ll also master security-centric techniques you can apply throughout your build-test-deploy pipeline, including the unique concerns of modern microservices and cloud-native designs. What's inside Secure-by-design concepts Spotting hidden security problems Secure code constructs Assessing security by identifying common design flaws Securing legacy and microservices architectures About the Reader Readers should have some experience in designing applications in Java, C#, .NET, or a similar language. About the Author Dan Bergh Johnsson , Daniel Deogun , and Daniel Sawano are acclaimed speakers who often present at international conferences on topics of high-quality development, as well as security and design. Table of Contents PART 1 - Introduction Why design matters for security Intermission: The anti-Hamlet PART 2 - Fundamentals Core concepts of Domain-Driven Design Code constructs promoting security Domain primitives Ensuring integrity of state Reducing complexity of state Leveraging your delivery pipeline for security Handling failures securely Benefits of cloud thinking Intermission: An insurance policy for free PAT 3 - Applying the fundamentals Guidance in legacy code Guidance on microservices A final word: Don't forget about security!