What do you think?
Rate this book
Practical Security
Most security professionals don’t have the words “security” or “hacker” in their job title. Instead, as a developer or admin you often have to fit in security alongside your official responsibilities — building and maintaining computer systems. Implement the basics of good security now, and you’ll have a solid foundation if you bring in a dedicated security staff later. Identify the weaknesses in your system, and defend against the attacks most likely to compromise your organization, without needing to become a trained security professional.
- GenresProgrammingCoding
132 pages, Paperback
Published February 13, 2019
5 people are currently reading
58 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 6 of 6 reviews
June 17, 2019
I know it might be funny, but, it's a really practical book ! :)
June 28, 2020
A little book about a few simple practices you can adapt to massively improve security. Chapter 1 is about patching and how important it is to address vulnerabilities in the software you use. Be that applications or dependencies – the faster you fix those holes, the better off you are. Vulnerabilities like SQL Injection and XSS are covered as well as the evergreen “do not write your own crypto algorithm”. The author addresses a massive problem of S3 (the storage system of Amazon). Through an unfortunate name of the “authorized” access group, one may easily think that only people that are authorized with your application can access these S3 buckets. However, Amazon means everyone authenticated at AWS can see them. This discrepancy leads to the many data leaks we saw in the past. The lesson of this story is you need to read the documentation – even (or especially) when you think you know what is going on. The advices in this book are actionable and definitely a must read for every software developer.
February 27, 2019
Great! This is a fantastic entry primer on security particularly for software engineers, though it also delves a bit into corporate IT (very Windows heavy for that part). It covers the basics of what and how to implement cryptography for passwords, audit and patch vulnerabilities, and even goes into the basics of preventing SQL injection. Read this if you are a web developer without a traditional comp-sci background to get through most of what you will need building basic applications. If you are well versed in networking and infrastructure or larger scale architecture, read this as a reminder that other more junior individuals in your organization may not have all these practices as rote quite yet.
October 1, 2020
As someone who's had to go through several of these 'security onboarding' and 'fixing' steps in several codebases in the industry, I appreciate this comprehensive albeit whirlwind tour of all important aspects of software security.
January 11, 2021
This is a perfectly fine intro to basic security for folks that are not exactly security practitioners. You could glean all this information from cruising through lots of info online, but it's good to have it all collected in one volume here.
December 12, 2020
Great concise and practical overview of the security topic, useful for both ops people, developers and IT managers.
Displaying 1 - 6 of 6 reviews