Book description
Learn application security from the very start, with this comprehensive and approachable guide!
Alice and Bob Learn Application Security is an accessible and thorough resource for anyone seeking to incorporate, from the beginning of the System Development Life Cycle, best security practices in software development. This book covers all the basic subjects such as threat modeling and security testing, but also dives deep into more complex and advanced topics for securing modern software systems and architectures. Throughout, the book offers analogies, stories of the characters Alice and Bob, real-life examples, technical explanations and diagrams to ensure maximum clarity of the many abstract and complicated subjects.
Topics include:
- Secure requirements, design, coding, and deployment
- Security Testing (all forms)
- Common Pitfalls
- Application Security Programs
- Securing Modern Applications
- Software Developer Security Hygiene
Alice and Bob Learn Application Security is perfect for aspiring application security engineers and practicing software developers, as well as software project managers, penetration testers, and chief information security officers who seek to build or improve their application security programs.
Alice and Bob Learn Application Security illustrates all the included concepts with easy-to-understand examples and concrete practical applications, furthering the reader’s ability to grasp and retain the foundational and advanced topics contained within.
Table of contents
- Cover
- Foreword
- Introduction
- Part I: What You Must Know to Write Code Safe Enough to Put on the Internet
-
Part II: What You Should Do to Create Very Good Code
- CHAPTER 6: Testing and Deployment
- CHAPTER 7: An AppSec Program
-
CHAPTER 8: Securing Modern Applications and Systems
- APIs and Microservices
- Online Storage
- Containers and Orchestration
- Serverless
- Infrastructure as Code (IaC)
- Security as Code (SaC)
- Platform as a Service (PaaS)
- Infrastructure as a Service (IaaS)
- Continuous Integration/Delivery/Deployment
- Dev(Sec)Ops
- The Cloud
- Cloud Workflows
- Modern Tooling
- Modern Tactics
- Summary
- Exercises
- Part III: Helpful Information on How to Continue to Create Very Good Code
-
APPENDIX A: Resources
- Introduction
- Chapter 1: Security Fundamentals
- Chapter 2: Security Requirements
- Chapter 3: Secure Design
- Chapter 4: Secure Code
- Chapter 5: Common Pitfalls
- Chapter 6: Testing and Deployment
- Chapter 7: An AppSec Program
- Chapter 8: Securing Modern Applications and Systems
- Chapter 9: Good Habits
- Chapter 10: Continuous Learning
-
APPENDIX B: Answer Key
- Chapter 1: Security Fundamentals
- Chapter 2: Security Requirements
- Chapter 3: Secure Design
- Chapter 4: Secure Code
- Chapter 5: Common Pitfalls
- Chapter 6: Testing and Deployment
- Chapter 7: An AppSec Program
- Chapter 8: Securing Modern Applications and Systems
- Chapter 9: Good Habits
- Chapter 10: Continuous Learning
- Index
- End User License Agreement
Product information
- Title: Alice and Bob Learn Application Security
- Author(s):
- Release date: November 2020
- Publisher(s): Wiley
- ISBN: 9781119687351
You might also like
book
Zero Trust Security: An Enterprise Guide
Understand how Zero Trust security can and should integrate into your organization. This book covers the …
video
Making Sense of Application Security
Adib Saikali uses real-world scenarios to build out a roadmap for application developers and architects to …
book
Web Application Security, 2nd Edition
In the first edition of this critically acclaimed book, Andrew Hoffman defined the three pillars of …
book
Container Security
To facilitate scalability and resilience, many organizations now run applications in cloud native environments using containers …