0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Secure Software Development

You're reading from Secure Software Development Learn to analyze and mitigate risks in your software projects

Product type Paperback

Published in Mar 2024

Publisher Packt

ISBN-13 9781835462836

Length 262 pages

Edition 1st Edition

Concepts

Application Development

Author (1):

Aspen Olmsted

View More author details

Table of Contents (20) Chapters

Preface

1. Part 1: Modeling a Secure Application FREE CHAPTER

2. Chapter 1: Security Principles

3. Chapter 2: Designing a Secure Functional Model

4. Chapter 3: Designing a Secure Object Model

5. Chapter 4: Designing a Secure Dynamic Model

6. Chapter 5: Designing a Secure System Model

7. Chapter 6: Threat Modeling

8. Part 2: Mitigating Risks in Implementation

9. Chapter 7: Authentication and Authorization

10. Chapter 8: Input Validation and Sanitization

11. Chapter 9: Standard Web Application Vulnerabilities

12. Chapter 10: Database Security

13. Part 3: Security Validation

14. Chapter 11: Unit Testing

15. Chapter 12: Regression Testing

16. Chapter 13: Integration, System, and Acceptance Testing

17. Chapter 14: Software Penetration Testing

18. Index

Why subscribe?

19. Other Books You May Enjoy

Example of enterprise web defenses

Throughout this book, we will build a secure design for an event ticketing system. Envision a software system that allows a box office or a website to sell tickets to a famous musical concert or theatre event. In the previous chapter, we covered code that will properly validate and sanitize input, which is the best defense against XSS. The next chapter will look at code to defend against SQL injection.

To defend against CSRF attacks in PHP, you can use anti-CSRF tokens. Here’s a simple example of how to implement CSRF protection using tokens:

Generate a CSRF token on the server side and include it in the form.
Verify the token when processing the form submission.

Here’s the example PHP code:

<?php
session_start();
session_regenerate_id();
function generateCSRFToken() {
    $token = bin2hex(random_bytes(32)); // Generate a random token
    $_SESSION['csrf_token&apos...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Aspen Olmsted

Aspen Olmsted

Aspen Olmsted is an associate professor and program director at Wentworth Institute of Technology in the Computer Science department. He obtained a Ph.D. in Computer Science and Engineering from The University of South Carolina. Before his academic career, he was CEO of Alliance Software Corporation. Alliance Software developed N-Tier enterprise applications for the performing arts and humanities market. Dr Olmsted's research focus is on the development of algorithms and architectures for distributed enterprise solutions that can guarantee security and correctness while maintaining high-availability. In his Secure Data Engineering Lab, Aspen mentors over a dozen graduate and undergraduate students each year.

See other products by Aspen Olmsted

Personalised recommendations for you

Based on your interests and search pattern

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Pragmatic Microservices with C# and Azure

Pragmatic Microservices with C# and Azure

This book empowers you with in-depth knowledge of microservices architecture using .NET and Azure. Through hands-on tutorials, you'll be able to build, deploy, and manage scalable applications, gaining crucial skills for modern software development.

May 2024 16h 56m

Mastering Python Design Patterns

Mastering Python Design Patterns

Unlock the power of design patterns to build maintainable and scalable software and applications using Python. Authored by Python veterans, this book is your guide to mastering design patterns in Python.

May 2024 9h 52m

Mastering Python Design Patterns

Mastering Python Design Patterns

Unlock the power of design patterns to build maintainable and scalable software and applications using Python. Authored by Python veterans, this book is your guide to mastering design patterns in Python.

May 2024 9h 52m