{"product_id":"building-secure-software-nikolai-lebedevz-9798305227475","title":"Building Secure Software: A Hands-On Guide for Developers","description":"In an era where cyber threats are evolving at an unprecedented rate, building secure software has become a critical necessity for developers across all industries. \u003cb\u003eBuilding Secure Software: A Hands-On Guide for Developers\u003c\/b\u003e by \u003cb\u003e\u003ci\u003eNikolai Lebedevz\u003c\/i\u003e\u003c\/b\u003e is your comprehensive roadmap to mastering the art and science of secure software development. This essential guide equips you with the knowledge, techniques, and best practices needed to protect your applications from the increasing array of vulnerabilities and threats. \u003cp\u003e\u003c\/p\u003e\u003cb\u003eWhy This Book?\u003c\/b\u003e \u003cp\u003e\u003c\/p\u003eAs a developer, you play a pivotal role in safeguarding sensitive data, maintaining user trust, and ensuring compliance with evolving regulatory requirements. Yet, many software development teams still view security as an afterthought, often integrating it only during the testing phase. This book changes that narrative by embedding security into every stage of the software development lifecycle (SDLC). \u003cp\u003e\u003c\/p\u003e\u003cb\u003eWhat You'll Learn\u003c\/b\u003e \u003cp\u003e\u003c\/p\u003eThis hands-on guide covers a broad range of topics that are crucial for secure software development: \u003cp\u003e\u003c\/p\u003e\u003cb\u003eUnderstanding the Security Landscape\u003c\/b\u003e: Discover common threats and vulnerabilities that impact applications today, and learn how to recognize and address them effectively. \u003cp\u003e\u003c\/p\u003e\u003cb\u003eThreat Modeling and Risk Assessment\u003c\/b\u003e: Master frameworks like STRIDE and PASTA to identify and categorize potential threats. Learn how to prioritize and mitigate risks to create more secure applications. \u003cp\u003e\u003c\/p\u003e\u003cb\u003eSecure Coding Principles\u003c\/b\u003e: Explore fundamental secure coding standards from OWASP, CWE, and SANS. Understand common pitfalls and anti-patterns, and implement defensive programming techniques to minimize vulnerabilities. \u003cp\u003e\u003c\/p\u003e\u003cb\u003eAuthentication and Access Control\u003c\/b\u003e: Dive into robust authentication mechanisms such as OAuth and OpenID Connect. Learn to implement role-based and attribute-based access control to ensure that users have the right permissions. \u003cp\u003e\u003c\/p\u003e\u003cb\u003eData Encryption and Storage Security\u003c\/b\u003e: Gain insights into choosing the right cryptographic algorithms and libraries. Understand how to securely store sensitive data using hashing, salting, and effective key management practices. \u003cp\u003e\u003c\/p\u003e\u003cb\u003eSecuring Web Applications\u003c\/b\u003e: Identify and mitigate common web vulnerabilities like XSS and CSRF. Learn input validation and output encoding techniques to fortify your web applications. \u003cp\u003e\u003c\/p\u003e\u003cb\u003eAPI Security and Secure Data Exchange\u003c\/b\u003e: Understand best practices for securing RESTful APIs, including authentication, authorization, and rate limiting. Explore how to secure data in transit using HTTPS and API gateways. \u003cp\u003e\u003c\/p\u003e\u003cb\u003eSecure Software Design and Architecture\u003c\/b\u003e: Learn principles of secure application architecture, including the least privilege and zero trust models. Understand how to build scalable and resilient systems. \u003cp\u003e\u003c\/p\u003e\u003cb\u003eContinuous Security in DevOps (DevSecOps)\u003c\/b\u003e: Discover how to integrate security into CI\/CD pipelines, automate security testing, and adopt a shift-left approach to bring security considerations into early development phases. \u003cp\u003e\u003c\/p\u003e\u003cb\u003ePenetration Testing and Code Reviews\u003c\/b\u003e: Understand the fundamentals of penetration testing and the importance of static and dynamic code analysis tools. Learn to conduct effective security code reviews to identify vulnerabilities early. \u003cp\u003e\u003c\/p\u003e\u003cb\u003eWho Should Read This Book?\u003c\/b\u003e \u003cp\u003e\u003c\/p\u003eBuilding Secure Software is tailored for software developers, DevOps engineers, security professionals, and team leaders who want to elevate their understanding of secure software development practices. Whether you're a seasoned developer or just starting your journey in software engineering, this book provides practical insights and actionable strategies to help you create secure applications that meet today's security challenges.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eAuthor:\u003c\/b\u003e Nikolai Lebedevz\u003cbr\u003e\u003cb\u003eISBN-13:\u003c\/b\u003e 9798305227475\u003cbr\u003e\u003cb\u003ePublisher:\u003c\/b\u003e Independently Published\u003cbr\u003e\u003cb\u003eLanguage:\u003c\/b\u003e English\u003cbr\u003e\u003cb\u003ePublished:\u003c\/b\u003e 12\/29\/2024\u003cbr\u003e\u003cb\u003ePages:\u003c\/b\u003e 162\u003cbr\u003e\u003cb\u003eFormat:\u003c\/b\u003e Paperback\u003cbr\u003e\u003cb\u003eWeight:\u003c\/b\u003e 0.86lbs\u003cbr\u003e\u003cb\u003eSize:\u003c\/b\u003e 11.00h x 8.50w x 0.35d","brand":"Nikolai Lebedevz","offers":[{"title":"Paperback","offer_id":48588083298559,"sku":"9798305227475","price":19.99,"currency_code":"USD","in_stock":true}],"url":"https:\/\/www.whiterainbookhouse.com\/products\/building-secure-software-nikolai-lebedevz-9798305227475","provider":"WR Book House","version":"1.0","type":"link"}