Baking Security In

One great advantage that we have as web application developers is the ability to quickly and easily make changes to our applications. Box-product application developers have to issue patches in order to fix bugs (and then hope that as many users as possible actually install those patches); we can edit the server code, and every user automatically picks up the changes. This convenience is great and enables us to be nimble and responsive, but unless we’re disciplined about it, it can be a double-edged sword.

The Earlier, the Better

Since it’s relatively easy to make fixes in web applications, there can be a temptation to take a strictly reactive approach to application security: If someone finds a ...
