12 Guidance in legacy code

This chapter covers

  • How to deal with ambiguous parameters
  • Security issues caused by logging
  • How DRY is about ideas, rather than text
  • Absence of negative tests as a warning sign
  • Introducing domain primitives in legacy code

Once you’ve grokked the fundamentals of the secure by design approach, you can start applying the concepts when writing code. This is usually easier when you’re doing greenfield development, but you’ll most likely spend a lot of time working on legacy codebases—codebases that weren’t created with a secure by design mindset. When working on such codebases, it can be difficult to know how to apply the concepts you’ve learned in this book and where to start.

In this chapter, you’ll learn how to identify ...
