Skip to Content
97 Things Every Application Security Professional Should Know
book

97 Things Every Application Security Professional Should Know

by Reet Kaur, Yabing Wang
June 2024
Intermediate to advanced
310 pages
8h 59m
English
O'Reilly Media, Inc.

Overview

In this fast-advancing technology world, almost everything is written as software or application. Together with the fast-evolving threat landscape, protecting customer data and ensuring the resilience of your business becomes the critical objective of all cybersecurity professionals. Weak application defenses can lead to serious consequences like regulatory fines, penalties, and loss of customer trust—especially for industries that handle sensitive or financial data. That's why it's imperative for security professionals to reinforce themselves with the latest insights to combat growing cyber threats.

In this go-to guide, editors Reet Kaur and Yabing Wang share key concepts, up-to-date best practices, and cutting-edge tools that today's cyber professionals need to ensure solid application security. The articles in this book include actionable advice on a wide variety of application security topics and thought-provoking questions that drive the direction of the field. You'll also receive expert advice from professionals on how to navigate your career within this industry.

Articles include:

  • AppSec Is a People Problem—Not a Technical One — Mark S. Merkow
  • A Coordinated Approach to a Successful DevSecOps Program — Han Lievens
  • Will Passwordless Authentication Save Your Application? — Aldo Salas
  • Introduction to CI/CD Pipelines and Associated Risks — Tyler Young
  • Unveiling Paths to Account Takeover: Web Cache to XSS Exploitation — Lütfü Mert Ceylan
  • Secure the Software Supply Chain Through Transparency — Niels Tanis
  • The Right Way to Threat Model — Josh Brown
  • Enhanced Application Security Defense — Michael Freeman
  • Mobile Security Domain and Best Practices — Aruneesh Salhotra
  • API Security Primer — Chenxi Wang
  • Will Generative and LLM Solve a 20-Year-Old Problem in Application Security? — Neatsun Ziv
  • Application Security in Cyber-Physical Systems — Yaniv Vardi
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

AirBnbBlueOriginElectronic ArtsHomeDepotNasdaqRakutenTata Consultancy Services

QuotationMarkO’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.
Julian F.
Head of Cybersecurity
QuotationMarkI wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.
Addison B.
Field Engineer
QuotationMarkI’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.
Amir M.
Data Platform Tech Lead
QuotationMarkI'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Mark W.
Embedded Software Engineer

You might also like

97 Things Every Information Security Professional Should Know

97 Things Every Information Security Professional Should Know

Christina Morillo

Publisher Resources

ISBN: 9781098152161Errata Page