I really like Secure by Design. The key idea is that there is a big overlap between secure code and good software design. Code that is strict, clear and focused will be easier to reason about, and will have fewer bugs. This in turn makes it less vulnerable to attacks. This is easy to say, but Secure by Design is full of techniques for how to actually do this. Here are the ideas from the book that I liked the most.
MOST POPULAR
-
RECENT POSTS
- Well-maintained Software
- Algorithmic Trading: A Practitioner’s Guide
- There Is No Software Maintenance
- Switching to Go – First Impressions
- Effective Software Testing – A Developer’s Guide
- On Code Reviews
- Book Review: A Philosophy of Software Design
- On Comments in Code
- 4 Things I Like About Microservices
- Recruiting Software Developers – Coding Tests
- More Good Programming Quotes, Part 5
- 6 Small Unit Testing Tips
- Mathematical Modelling of Football
- Deployed To Production Is Not Enough
- Good Logging
- Working From Home – Cons and Pros
- Artificial Intelligence – A Guide for Thinking Humans
- 20.5 Years of XP and Agile
- Secure by Design
- More Good Programming Quotes, Part 4
- Grokking Deep Learning
- EuroSTAR Testing Conference Prague 2019
- Classic Computer Science Problems in Python
- When TDD Is Not a Good Fit
- Recruiting Software Developers – Checking Out a Company
- Book Review: Designing Data-Intensive Applications
- Nordic Testing Days Tallinn 2019
- Book review: Accelerate
- More Good Programming Quotes, Part 3
- Programming: Math or Writing?
- Developer On Call
- My Favorite Command-Line Shortcuts
- 6 Git Aha Moments
- Is Manual Testing Needed?
- Exercises in Programming Style
- Programming for Grade 8
- 6 Years of Thoughts on Programming
- Benefits of Continuous Delivery
- More Good Programming Quotes, Part 2
- Developer Testing
- Programming Conference – QCon New York 2017
- Developers – Talk To People
- Code Rot
- Programmer Career Planning
- Software Development and the Gig Economy
- Book Review: The Effective Engineer
- Things Programmers Say
- Developer Book Club
- Book Review: Release It!
- 18 Lessons From 13 Years of Tricky Bugs
- Learning From Your Bugs
- More Good Programming Quotes
- The Wisdom of Programming Quotes
- Ph.D. or Professional Programmer?
- Social Engineering from Kevin Mitnick
- Recruiting Software Developers – Initial Contact
- Coursera Course Review: Software Security
- Lessons Learned in Software Development
- Book Review: Clean Code
- Coursera Course Review: Computational Investing Part 1
- Programmer Knowledge
- 5 Reasons Why Software Developer is a Great Career Choice
- A Response to “Why Most Unit Testing is Waste”
- What Makes a Good Programmer?
- Switching from Java to Python – First Impressions
- Antifragility and Software Development
- 5 Unit Testing Mistakes
- Unit Testing Private Methods
- A Bug, a Trace, a Test, a Twist
- Session-based Logging
- Finding Bugs: Debugger versus Logging
- TDD, Unit Tests and the Passage of Time
- Automatically Include Revision in Log Statement
- 7 Ways More Methods Can Improve Your Program
- LinkedIn – Good or Bad?
- Great Programmers Write Debuggable Code
- SET Card Game Variation – Complementary Pairs
- Programmer Productivity – Interruptions, Meetings and Working Remotely
- What Do Programmers Want?
- Coursera course review: Algorithms: Design and Analysis, Part 2
- Blog stats for 2012 (by WordPress)
- Working as a Software Developer
- 4 Reasons Why Bugs Are Good For You
- Book Review: How Google Tests Software
- Top 5 Surprises When Starting Out as a Software Developer
- Programmer Productivity: Emacs versus IntelliJ IDEA
- Why I Love Coding
- Coursera course review: Design and Analysis of Algorithms I
- Mac OS X Break Programs Review
- Favorite Programming Quotes
- How I Beat Repetitive Stress Injury
- Introduction to Databases – On-line Learning Done Well
- 10 million SET games simulated using “Random among ‘most similar’ Sets”
- 10 million SET games simulated using “Random among available Sets”
- 10 million SET games simulated using “First found Set”
- SET® Probabilities Revisited
TAG CLOUD
algorithms book book review break program bugs career code coding conference coursera creativity databases debugging developer testing DevOps emacs ergonomics face to face Google hiring ide idea integration testing intellij interruption job knowledge learning linkedin logging love machine learning Mac OS X meeting meta methods office on-line course probabilities production software productivity professional software development programmer programming programming course programming job python quotes recruiting refactoring Repetitive Stress Injury review revision RSI security SET game simulation software development statistics stats stretches subversion surprises svn tdd test-driven development testing time trouble-shooting unit-test unit testing university version work workingRSS
-
Join 365 other subscribers
Henrik Warne's blog 