
Iron-Clad Java: what's next in the series?

 
Sheriff
Thanks to Jim and August for writing this book and especially for the way you wrote it. A lot of security-related books drag you through so much discussion about theory and principles before getting to, if ever, anything practical. One of the things I really like about the material, and I wish there were more of them, are the sections where you discuss anti-patterns and design flaws. These are really useful and I hope your next edition or next book(s? Yes, please!) in the series will continue to have these.

Another question that I think you'll find coming up often is that of retrofitting security into legacy applications. Michael Feathers' book "Working Effectively with Legacy Code" is a book that has proved invaluable to me as a developer and I think that something in the same vein but more security-focused would be very useful. Is this something you might consider going into in more detail in another book in the series?

Just off the top of my head, these are other things I'd be interested in seeing in upcoming books:
1. Specific examples of how architecture plays a role in security; also anti-patterns and examples of architectural flaws
2. Specific examples of unit testing for security
3. Social engineering - what kind of security features, if any, can help mitigate the risk or guard against it
 
Author
Next in the series are "Iron Clad Apps" and "Iron Clad Risk".

Apps will take a language-neutral approach to web security.

Iron Clad Risk is for managers.

Aloha,
Jim
 