First of all, I find this an extremely interesting subject...
I'm just coming out of an interview for what we call an information security officer... and secure code has been part of the questions...
Regarding your book... do you also describe how to test the applications after you've secured them with your examples?
posted 3 years ago
Thank you for your question! Yes, the topic of secure code is finally getting the attention it deserves, particularly after all of the major breaches such as Sony and others.
I do discuss the importance of Peer Code Reviews and the use of tools such as FindBugs! to assist in such tasks to facilitate the labor involved. This is in the last chapter of the book. Application Security and the SDLC, in general, is a subject that I can elaborate on quite a bit since I have quite a passion for the subject, so please let me know if you have further questions.
"So this is how liberty dies - to thunderous applause" -- Padme (Star Wars - Episode III)