Secure by Design

3.88 · 64 ratings · 8 reviews
As a developer, you need to build software in a secure way. But you can't spend all your time focusing on security. The answer is to use good design principles, tools, and mindsets that make security an implicit result - it's secure by design. Then secure-by-design becomes a guiding principle in how you build your software, from code to architecture. This begins by underst ...more
Paperback, 375 pages
Published 2017 by Manning

Community Reviews

Alexander
Dec 16, 2019 rated it it was ok
Shelves: computers
The book is a torture to read. Although it contains some good ideas, which are, by the way, not new ones - the authors merely remind us about good existing practices - it seems that the main goal was to write as many pages as possible telling as little as possible. Some concepts are repeated over and over again, so you get irritated reading the same thing for the tenth time, not only across the book, but even in the same chapter.

The length of the book is further increased by introducing concepts a
...more
Johnny
Sep 24, 2018 rated it it was ok
There are some great ideas right at the beginning of the book. Don’t try to add security as a feature, instead put it in the design. Don’t use the basic data types like string, int and float for concepts that have important business rules attached.
The example with a negative quantity in a shopping bag shows this well: Using an int offers the possibility to use a negative number. What happens if you order -1 book? In his example the book store tried to send a check to get even with the customer.
...more
Eduards Sizovs
Oct 09, 2019 rated it liked it
The book promotes an important idea, that developers should be designing software domain models that can protect themselves from harm – security attacks, data corruption, invariant breaches. I completely agree with the idea, and the book has some good examples, such as leveraging type-safety and value objects, designing a sound exception handling hierarchy, but in general I found the content shallow. The whole idea can be described in a single blog post.

The book is OK. Read this book and skim th
...more
Łukasz Biedrycki
Dec 28, 2018 rated it liked it
This is a good book, I just prefer more condensed content.
Jakub
Apr 11, 2020 rated it it was ok
This book should be called:

DDD - how to validate inputs

or:

DDD - Use Domain Primitives

or:

Hey! We will talk about security in chapter 14 that is 10 pages long.


2 stars:
chapter 14, thanks
What the authors say about how to design using DDD is true, but first you need to design in a DDD way. For instance, the recipe for legacy systems from the authors is... use DDD...

Sorry, but I was expecting something completely different, even from reading the back of the book cover. I did not expect another book about DDD.
Maciej Pakulski
Jun 26, 2019 rated it really liked it
Quite interesting, mostly recommended for junior/mid developers.
Rene Stein
May 05, 2019 rated it it was ok
Rating for MEAP v13.
Henrik Warne
Mar 18, 2020 rated it it was amazing
The key insight in this book is that good software design often leads to good security. Therefore, you don’t have to choose between features and security – you can have both at the same time. The most important idea in this regard is domain primitives. Never represent anything as a primitive type (string, int, float etc). Instead, create custom classes that capture the domain restrictions. For example, the quantity of books ordered should not be an int. Instead, it should be a Quantity value obj ...more
Karol
rated it liked it
Sep 07, 2018
Hans
rated it really liked it
Sep 07, 2020
Andreas
rated it it was amazing
Feb 02, 2020
Djamel Benali
rated it it was amazing
Jan 04, 2021
Mohamed
rated it really liked it
Apr 12, 2020
Wim Vandenhaute
rated it really liked it
Aug 27, 2020
Jonas
rated it really liked it
Feb 23, 2020
Triple D
rated it really liked it
May 07, 2018
Héctor
rated it liked it
Jan 20, 2021
Lina Hejenstedt
rated it really liked it
Jun 11, 2020
Eduardo Díaz
rated it it was amazing
Oct 31, 2020
Kosta Petan
rated it it was ok
Aug 03, 2019
Blaine
rated it it was amazing
Jan 12, 2021
Gustavo Tavares
rated it it was amazing
Apr 11, 2021
Manh Tai
rated it really liked it
Jul 07, 2020
Name
rated it really liked it
Oct 29, 2019
Sara Wänerskär
rated it really liked it
Sep 21, 2019
Subhajit Das
rated it liked it
Nov 29, 2019
Peter Sellars
rated it it was amazing
Sep 17, 2020
Tom
rated it really liked it
Nov 16, 2019
Vlad GURDIGA
rated it it was amazing
Feb 13, 2019