?Tanya knows her stuff. She has a huge depth of experience and expertise in application security, DevSecOps, and cloud security. We can all learn a ton of stuff from Tanya, so you should read her book!?
–Dafydd Stuttard, best-selling co-author of The Web Application Hacker’s Handbook, creator of Burp Suite
?I learned so much from this book! Information security is truly everyone’s job ? this book is a fantastic overview of the vast knowledge needed by everyone, from developer, infrastructure, security professionals, and so much more. Kudos to Ms. Janca for writing such an educational and practical primer. I loved the realistic stories that frame real-world problems, spanning everything from design, migrating applications from problematic frameworks, mitigating admin risks, and things that every modern developer needs to know.?
–Gene Kim, bestselling author of The Unicorn Project, co-author of The Phoenix Project, DevOps Handbook, Accelerate
?Practical guidance for the modern era; Tanya does a great job of communicating current day thinking around AppSec in terms we can all relate to.?
-Troy Hunt, creator of “Have I Been Pwned”
–This text refers to an alternate kindle_edition edition.
A TRIED-AND-TESTED APPROACH TO BUILDING SECURITY INTO PROJECTS FROM THE START
Do you have difficulty implementing application security into your software development process? Alice and Bob Learn Application Security shows readers how to “push left” in software, by building security considerations into their system development life cycle, right from the start.
You’ll learn basic security fundamentals and requirements, as well as secure design concepts, all while benefiting from the code, exercises, and examples interspersed throughout the text.
Written by one of the leading voices in the application security field, the book includes answers to the most common questions people starting out in application security often have. It also includes valuable additional resources where readers can find more answers.
The core security concepts are illustrated through references to the personas of Alice and Bob and how their professional lives and businesses drive application security decisions. The book takes a pleasantly straightforward approach that’s heavy on practical strategies and light on needless jargon or complexity. At the same time, it supplies the rigor or richness you would expect to find in a leading resource on the topic of application security.
The book is perfect for current and aspiring software and application developers. It also belongs on the bookshelves of software project managers, Chief Information Security Officers, and penetration testers who seek to improve their craft and their ability to deliver valuable results.
Alice and Bob Learn Application Security will teach you everything you need to know about:
- Security fundamentals and requirements
- Secure design concepts
- Secure coding (with guidelines)
- The basics of threat modelling and security testing
- How to build an AppSec program
- Modern application security concerns and defenses
- How to implement security hygiene protocols for developers and IT staff
–This text refers to an alternate kindle_edition edition.
From the Back Cover
A TRIED-AND-TESTED APPROACH TO BUILDING SECURITY INTO PROJECTS FROM THE START
Do you have difficulty implementing application security into your software development process? Alice and Bob Learn Application Security shows readers how to “push left” in software, by building security considerations into their system development life cycle, right from the start.
You’ll learn basic security fundamentals and requirements, as well as secure design concepts, all while benefiting from the code, exercises, and examples interspersed throughout the text.
Written by one of the leading voices in the application security field, the book includes answers to the most common questions people starting out in application security often have. It also includes valuable additional resources where readers can find more answers.
The core security concepts are illustrated through references to the personas of Alice and Bob and how their professional lives and businesses drive application security decisions. The book takes a pleasantly straightforward approach that’s heavy on practical strategies and light on needless jargon or complexity. At the same time, it supplies the rigor or richness you would expect to find in a leading resource on the topic of application security.
The book is perfect for current and aspiring software and application developers. It also belongs on the bookshelves of software project managers, Chief Information Security Officers, and penetration testers who seek to improve their craft and their ability to deliver valuable results.
Alice and Bob Learn Application Security will teach you everything you need to know about:
- Security fundamentals and requirements
- Secure design concepts
- Secure coding (with guidelines)
- The basics of threat modelling and security testing
- How to build an AppSec program
- Modern application security concerns and defenses
- How to implement security hygiene protocols for developers and IT staff
–This text refers to an alternate kindle_edition edition.
About the Author
Tanya Janca, also known as SheHacksPurple, is the founder of We Hack Purple, an online learning academy dedicated to teaching everyone how to create secure software. With over twenty years of IT and coding experience, she has won numerous awards and worked as a developer, pentester, and AppSec Engineer. She was named Hacker of the Year by the Cybersecurity Woman of the Year 2019 Awards and is the Founder of WoSEC International, #CyberMentoringMonday, and OWASP DevSlop.
–This text refers to an alternate kindle_edition edition.
