Book description
Learn application security from the very start, with this comprehensive and approachable guide!
Alice and Bob Learn Application Security is an accessible and thorough resource for anyone seeking to incorporate, from the beginning of the System Development Life Cycle, best security practices in software development. This book covers all the basic subjects such as threat modeling and security testing, but also dives deep into more complex and advanced topics for securing modern software systems and architectures. Throughout, the book offers analogies, stories of the characters Alice and Bob, real-life examples, technical explanations and diagrams to ensure maximum clarity of the many abstract and complicated subjects.
Topics include:
- Secure requirements, design, coding, and deployment
- Security Testing (all forms)
- Common Pitfalls
- Application Security Programs
- Securing Modern Applications
- Software Developer Security Hygiene
Alice and Bob Learn Application Security is perfect for aspiring application security engineers and practicing software developers, as well as software project managers, penetration testers, and chief information security officers who seek to build or improve their application security programs.
Alice and Bob Learn Application Security illustrates all the included concepts with easy-to-understand examples and concrete practical applications, furthering the reader’s ability to grasp and retain the foundational and advanced topics contained within.
Table of contents
- Cover
- Foreword
- Introduction
- Part I: What You Must Know to Write Code Safe Enough to Put on the Internet
- Part II: What You Should Do to Create Very Good Code
  - CHAPTER 6: Testing and Deployment
  - CHAPTER 7: An AppSec Program
  - CHAPTER 8: Securing Modern Applications and Systems
    - APIs and Microservices
    - Online Storage
    - Containers and Orchestration
    - Serverless
    - Infrastructure as Code (IaC)
    - Security as Code (SaC)
    - Platform as a Service (PaaS)
    - Infrastructure as a Service (IaaS)
    - Continuous Integration/Delivery/Deployment
    - Dev(Sec)Ops
    - The Cloud
    - Cloud Workflows
    - Modern Tooling
    - Modern Tactics
    - Summary
    - Exercises
- Part III: Helpful Information on How to Continue to Create Very Good Code
- APPENDIX A: Resources
  - Introduction
  - Chapter 1: Security Fundamentals
  - Chapter 2: Security Requirements
  - Chapter 3: Secure Design
  - Chapter 4: Secure Code
  - Chapter 5: Common Pitfalls
  - Chapter 6: Testing and Deployment
  - Chapter 7: An AppSec Program
  - Chapter 8: Securing Modern Applications and Systems
  - Chapter 9: Good Habits
  - Chapter 10: Continuous Learning
- APPENDIX B: Answer Key
  - Chapter 1: Security Fundamentals
  - Chapter 2: Security Requirements
  - Chapter 3: Secure Design
  - Chapter 4: Secure Code
  - Chapter 5: Common Pitfalls
  - Chapter 6: Testing and Deployment
  - Chapter 7: An AppSec Program
  - Chapter 8: Securing Modern Applications and Systems
  - Chapter 9: Good Habits
  - Chapter 10: Continuous Learning
- Index
- End User License Agreement
Product information
- Title: Alice and Bob Learn Application Security
- Author(s):
- Release date: November 2020
- Publisher(s): Wiley
- ISBN: 9781119687351