Software Security for Developers: With Examples in Java and Spring
暫譯: 開發者的軟體安全:以 Java 和 Spring 為例
Saikali, Adib, Spilca, Laurentiu
相關主題
商品描述
Free PDF and epub formats plus online reader with AI assistant. Cloud applications have special security requirements and concerns. This book demonstrates effective real-world practices to keep your cloud and Kubernetes-deployed applications safe and sound. It is a hands-on guide for working developers. It minimizes the abstract and complex security theory, instead focusing on the practices you need to secure applications running on Kubernetes and the cloud. In it, you'll learn how to take advantage of pre-built security services in your daily development. Authors Adib Saikali and Laurentiu Spilca take a developer-to-developer approach, sharing hard-won lessons from many years securing software in real-world environments. Easy-to-follow sample applications written in Java take you hands-on with security standards and protocols, turning complex concepts into practical solutions. In this book you will learn how to: - Configure industry standard security protocols correctly
- Quickly debug errors and exceptions form security libraries
- Utilize the developer-friendly Google Tink cryptography library
- Work with X.509 digital certificates for implementing application security
- Setup passwordless logins using the WebAuthentication protocol
- Implement single sign on using OpenID Connect protocol
- Establish authentication and authorization services using the Spring Authorization Server
- Make use of popular secret storage solutions including HashiCorp Vault, AWS KMS, Google KMS, and Azure Key Vault
- Use the security features of Kubernetes to secure deployed applications
- Securely containerize application code About the technology Despite its absolute importance, security practices can appear to be confusing, complex, and mysterious. This book breaks down the fundamentals of securing cloud-based applications in a way that's both practical and easy to understand. The goal is simple: you'll learn the concepts and practices you'll need to keep your cloud applications and data safe during development and after deployment. About the book Software Security for Developers demystifies complex security protocols, algorithms, and patterns, and demonstrates how to put them into practice in everyday development. This one-stop guide to all major security concepts will teach you how to rapidly debug security-related issues, and put an end to unreliable fixes. Sample cloud applications help illustrate complex security ideas in a digestible and developer-friendly way. Discover how to use cryptographic algorithms correctly, liberate your users from constant passwords and logins, and make your life easier with prebuilt security from leading cloud key management vaults and services. By the time you're done, you'll know everything you need to keep your applications secure and your company's data safe. About the reader For intermediate Java developers ready to up their security skills. About the author Adib Saikali started his professional software development career in 1995. Over the past 25 years he has implemented security in a variety of applications. Adib is currently a principal solutions engineer at VMware Tanzu and a regular conference speaker. Laurentiu Spilca is a skilled Java and Spring developer and an experienced technology instructor. He is also the author of Manning's Spring Start Here, Troubleshooting Java, and Spring Security in Action.
- Quickly debug errors and exceptions form security libraries
- Utilize the developer-friendly Google Tink cryptography library
- Work with X.509 digital certificates for implementing application security
- Setup passwordless logins using the WebAuthentication protocol
- Implement single sign on using OpenID Connect protocol
- Establish authentication and authorization services using the Spring Authorization Server
- Make use of popular secret storage solutions including HashiCorp Vault, AWS KMS, Google KMS, and Azure Key Vault
- Use the security features of Kubernetes to secure deployed applications
- Securely containerize application code About the technology Despite its absolute importance, security practices can appear to be confusing, complex, and mysterious. This book breaks down the fundamentals of securing cloud-based applications in a way that's both practical and easy to understand. The goal is simple: you'll learn the concepts and practices you'll need to keep your cloud applications and data safe during development and after deployment. About the book Software Security for Developers demystifies complex security protocols, algorithms, and patterns, and demonstrates how to put them into practice in everyday development. This one-stop guide to all major security concepts will teach you how to rapidly debug security-related issues, and put an end to unreliable fixes. Sample cloud applications help illustrate complex security ideas in a digestible and developer-friendly way. Discover how to use cryptographic algorithms correctly, liberate your users from constant passwords and logins, and make your life easier with prebuilt security from leading cloud key management vaults and services. By the time you're done, you'll know everything you need to keep your applications secure and your company's data safe. About the reader For intermediate Java developers ready to up their security skills. About the author Adib Saikali started his professional software development career in 1995. Over the past 25 years he has implemented security in a variety of applications. Adib is currently a principal solutions engineer at VMware Tanzu and a regular conference speaker. Laurentiu Spilca is a skilled Java and Spring developer and an experienced technology instructor. He is also the author of Manning's Spring Start Here, Troubleshooting Java, and Spring Security in Action.
商品描述(中文翻譯)
免費的 PDF 和 epub 格式,還有帶 AI 助手的線上閱讀器。
雲端應用程式有特殊的安全需求和考量。本書展示了有效的實務做法,以確保您的雲端和 Kubernetes 部署的應用程式安全無虞。這是一本針對在職開發者的實作指南。它最小化了抽象和複雜的安全理論,專注於您需要的實務,以保護在 Kubernetes 和雲端上運行的應用程式。在本書中,您將學習如何在日常開發中利用預建的安全服務。作者 Adib Saikali 和 Laurentiu Spilca 採取開發者對開發者的方式,分享了多年來在真實環境中保護軟體的艱辛經驗。易於跟隨的 Java 範例應用程式將帶您親身體驗安全標準和協議,將複雜的概念轉化為實用的解決方案。在本書中,您將學習如何: - 正確配置行業標準的安全協議- 快速調試安全庫中的錯誤和例外
- 利用開發者友好的 Google Tink 加密庫
- 使用 X.509 數位證書來實現應用程式安全
- 使用 WebAuthentication 協議設置無密碼登錄
- 使用 OpenID Connect 協議實現單一登入
- 使用 Spring Authorization Server 建立身份驗證和授權服務
- 利用流行的秘密儲存解決方案,包括 HashiCorp Vault、AWS KMS、Google KMS 和 Azure Key Vault
- 使用 Kubernetes 的安全功能來保護已部署的應用程式
- 安全地容器化應用程式代碼 關於技術 儘管安全實踐至關重要,但它們有時會顯得混亂、複雜且神秘。本書以實用且易於理解的方式分解了保護雲端應用程式的基本原則。目標很簡單:您將學習在開發和部署後保持雲端應用程式和數據安全所需的概念和實踐。 關於本書 開發者的軟體安全 解密了複雜的安全協議、算法和模式,並展示了如何在日常開發中將它們付諸實踐。這本涵蓋所有主要安全概念的一站式指南將教您如何快速調試與安全相關的問題,並終結不可靠的修復方法。範例雲端應用程式幫助以易於消化且開發者友好的方式說明複雜的安全概念。了解如何正確使用加密算法,解放您的用戶免於不斷的密碼和登錄,並通過領先的雲端密鑰管理庫和服務的預建安全功能使您的生活更輕鬆。當您完成時,您將知道保持應用程式安全和公司數據安全所需的一切。 關於讀者 針對準備提升安全技能的中級 Java 開發者。 關於作者 Adib Saikali 於 1995 年開始他的專業軟體開發生涯。在過去的 25 年中,他在各種應用程式中實施了安全性。Adib 目前是 VMware Tanzu 的首席解決方案工程師,並且是定期的會議演講者。 Laurentiu Spilca 是一位熟練的 Java 和 Spring 開發者,也是經驗豐富的技術講師。他還是 Manning 出版社的 Spring Start Here、Troubleshooting Java 和 Spring Security in Action 的作者。
作者簡介
Adib Saikali started his professional software development career in 1995. Over the past 25 years he has implemented security in a variety of applications. Adib is currently a principal solutions engineer at VMware Tanzu and a regular conference speaker. Laurentiu Spilca is a skilled Java and Spring developer and an experienced technology instructor. He is the author of Manning's Spring Start Here and Spring Security in Action.
作者簡介(中文翻譯)
Adib Saikali 於1995年開始他的專業軟體開發生涯。在過去的25年中,他在各種應用程式中實施了安全性。Adib 目前是 VMware Tanzu 的首席解決方案工程師,並且是定期的會議演講者。
Laurentiu Spilca 是一位熟練的 Java 和 Spring 開發者,以及一位經驗豐富的技術講師。他是 Manning 出版社的《Spring Start Here》和《Spring Security in Action》的作者。
![2026【圖解觀念統整】民法概要[題庫+歷年試題][十七版](不動產經紀人)-cover](https://cf-assets2.tenlong.com.tw/products/images/000/262/136/medium/getImage.jpg?1778568286)
