Nobody builds software from scratch nowadays, least of all web developers. Most of the code powering your website—from the operating system, to the web server, to the programming language libraries you use—will be written by others. So how do you manage vulnerabilities in other people’s code?

Hackers often target known vulnerabilities in popular software components, so it is important to secure third-party code. It is far more efficient for a hacker to scan the web for insecure WordPress instances, for example, than to pick a particular website and try to figure out how it might be vulnerable. So, it’s important that you stay ...

Get Web Security for Developers now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.