Hacking the Code

The other day I received my copy of Hacking the Code and so far I'm enjoying it quite a bit. On the cover it says, “ASP.NET Web Application Security,” but let me tell you, the ideas and topics discussed go far beyond just ASP.NET and web applications. I just finished reading the first chapter, “Managing Users,” which was about 50 pages and went very deep into implementing secure password schemes. I had heard some of the advice before, but also picked up a few things I hadn't thought about before, which is always good. I like coming away from reading security books aware of some new security issues I didn't know about before. So far, it seems like a book I would definitely recommend, in addition to Writing Secure Code, 2nd Edition, to anyone interested in learning more about coding and security. I'd also recommend Dana Epp's Security Blog.

Another thing I like about the book is that it refers to actual websites that you can go take a look at, right now, with your browser. Some are used as good examples, some as bad examples. Even better, at the end of each chapter, the book contains a security checklist and a coding conventions checklist that you can reference while writing code of your own. Nice bonus.

The whole book comes in at under 450 pages, short enough to tackle in a couple of weekends. It's been a while for me since I read a tech book so I'm glad the first one I decided to read has been able to keep my interest.
