Web Security for Developers: Real Threats, Practical Defense

Much has been and continues to be written on the topic of computer security, but a lot of that content is directed towards computer security professionals. Few resources exist that are written for software developers, by developers. In this work, McDonald seeks to answer the need for a comprehensive exposition on this topic. In this attempt, he succeeds in providing a clear and thorough introduction to what developers need to know about security.

The biggest advantage of this book is that it collects all a developer needs to know in one place. McDonald’s treatment does not go into too much detail for its audience, as many security books do. Instead, as the book’s subtitle suggests, it pragmatically focuses on how security principles apply to the art and science of programming.

This work is written for a general audience of programmers and is not focused on one specific language. The author appears to be a Ruby developer, as many of the examples are written in that language. However, knowledge of Ruby is not required to appreciate and learn from this book. Indeed, the vast majority of this book is pertinent to any language on any platform.

Despite these strengths, McDonald’s book exhibits some weakness, as it contains very little cutting-edge material. It would have been nice to include a chapter or two on emerging concepts towards the end. Because of this, people who stay engaged with the state of the art might find the book redundant and not worth their time.

Web Security for Developers is geared mainly toward web developers who are in early-to-mid career. Despite the introduction’s claim that experienced programmers will fill in a few knowledge gaps, in truth, experienced programmers will find little new here. Nonetheless, this work fills a gap in the literature on what programmers need to know about computer security concepts. This solid work should be relevant for years to come.

Web Security for Developers: Real Threats, Practical Defense
By Malcolm McDonald
Copyright (c) 2020
No Starch Press
ISBN13 9781593279943
eBook
Genre: Computer Science
www.amazon.com