Overview
The world has changed. Today, every time you make a site live, you're opening it up to attack.
A first-time developer can easily be discouraged by the difficulties involved with properly securing a website. But have hope: an army of security researchers is out there discovering, documenting, and fixing security flaws. Thankfully, the tools you'll need to secure your site are freely available and generally easy to use.
Web Security for Developers will teach you how your websites are vulnerable to attack and how to protect them. Each chapter breaks down a major security vulnerability and explores a real-world attack, coupled with plenty of code to show you both the vulnerability and the fix.
You'll learn how to:
• Protect against SQL injection attacks, malicious JavaScript, and cross-site request forgery
• Add authentication and shape access control to protect accounts
• Lock down user accounts to prevent attacks that rely on guessing passwords, stealing sessions,
• or escalating privileges
• Implement encryption
• Manage vulnerabilities in legacy code
• Prevent information leaks that disclose vulnerabilities
• Mitigate advanced attacks like malvertising and denial-of-service
As you get stronger at identifying and fixing vulnerabilities, you'll learn to deploy disciplined, secure code and become a better programmer along the way.
While major retailers like Amazon may carry Web Security for Developers (Real Threats, Practical Defense), we specialize in bulk book sales and offer personalized service from our friendly, book-smart team based in Portland, Oregon. We’re proud to offer a Price Match Guarantee and a streamlined ordering experience from people who truly care.
We’re trusted by over 75,000 customers, many of whom return time and again. Want proof? Just check out our 25,000+ customer reviews—real feedback from people who love how we do business.
Prefer to talk to a real person? Our Book Specialists are here Monday–Friday, 8 a.m. to 5 p.m. PST and ready to help with your bulk order of Web Security for Developers (Real Threats, Practical Defense).