Today, we are seeing a major shift in how web applications are being built and particularly the importance of the “shift left” paradigm. With the shift left focus on security, there is increased responsibility on developers to build security in their design and code from the start. The stakes are too high to ignore, given the variety of compliance-specific industries we work across.
With this in mind, the book starts to give web application developers insight into the context of security in web applications, particularly in PHP. There are a variety of applications a developer works in starting from green field projects, existing projects, hybrid ones (Kubernetes and OpenShift), and cloud native.
To understand this and gain practical insights, the book focuses on security aspects which need to be understood and implemented while building core applications which do not use any frameworks, then proceeds to the security protocols behind various processes which help us build web applications, and finally security practices prevalent in enterprise frameworks like Laravel.
Software development lifecycle has many phases and security needs to be built into each phase from the very start. The book gives practical insights into discussing security with stakeholders, understanding the context of security in different phases like development, testing, deployment, infrastructure as cloud, cloud security, and maintenance.
The book finally details the future of security and some of the helpful tools which will be part of the developer lifecycle. There are concepts and code recipes shared throughout the book which are helpful not only for learning but also while working on real-world projects.
Description:
Today, we are seeing a major shift in how web applications are being built and particularly the importance of the “shift left” paradigm. With the shift left focus on security, there is increased responsibility on developers to build security in their design and code from the start. The stakes are too high to ignore, given the variety of compliance-specific industries we work across.
With this in mind, the book starts to give web application developers insight into the context of security in web applications, particularly in PHP. There are a variety of applications a developer works in starting from green field projects, existing projects, hybrid ones (Kubernetes and OpenShift), and cloud native.
To understand this and gain practical insights, the book focuses on security aspects which need to be understood and implemented while building core applications which do not use any frameworks, then proceeds to the security protocols behind various processes which help us build web applications, and finally security practices prevalent in enterprise frameworks like Laravel.
Software development lifecycle has many phases and security needs to be built into each phase from the very start. The book gives practical insights into discussing security with stakeholders, understanding the context of security in different phases like development, testing, deployment, infrastructure as cloud, cloud security, and maintenance.
The book finally details the future of security and some of the helpful tools which will be part of the developer lifecycle. There are concepts and code recipes shared throughout the book which are helpful not only for learning but also while working on real-world projects.