My Secure Web Application Development book
Finally, my book Secure Web Application Development - a Hands-On Guide with Python and Django is out, published by Apress, an imprint of Springer-Nature.
This book is aimed at people who already know something about web development but are not confident about making it secure. It covers all the main things to consider when making your applications hacker-proof, such as:
- Authentication and Authorization
- Password management
- Server deployment
- Cookie security
- Common mistakes: cross-site scripting (XSS), SQL injection
- Techniques such as CORS, CSP
- Developing secure REST APIs
I cover not only the techniques you should use to secure your applications, but also the techniques and tools that hackers and penetration testers use to exploit vulnerabilities.
If you develop in a language other than Python, you will still be able to use the techniques described in the book; only the examples are in Python.
Where can I get it?
If you belong to a university, there's a good chance your library has a subscription to Springer Link where you'll be able to download it as a PDF for free.
If you don't have the benefit of a generous library, you can still buy it, in electronic form or soft cover (yes, a real book on real paper!).
Here are some links to save you searching:
- On Springer Link - soft cover and PDF
- Amazon - soft cover and Kindle
- Waterstones (UK) - soft cover
- Ex Libris (Switzerland) - soft cover
- Ex Libris (Switzerland) - eBook
- Orel Füssli (Switzerland) - soft cover and eBook