Sunshine on Java
One Minute Bottom Line
Defensive programming knowledge should be in every Java developer's toolkit. Although the book offers only basic techniques, it's a good start to get you going.
Sunshine on Java offers a nice introduction to defensive web application programming.
No rocket science, but a clear, concise explanation of some well-known attacks and how to avoid them.
If you have never thought about defensive programming, this is a really good start. The explanation of the vulnerabilities and the possible attacks is nicely done. The images really do add value.
The mitigation sections are clear, and immediately applicable - and that is what an introduction should do!
After reading this book (it is a small Kindle e-book, so it will not take long) and applying the "sanitations" offered, your applications will be more secure - as stated in the introduction they will not be foolproof, but as a start they are invaluable.
The vulnerabilities explained are three kinds of XSS (Cross-Site Scripting) attacks (reflective, stored and DOM-based), CSRF (Cross-Site Request Forgery) and SQL injection.
In addition, the importance of peer reviews (regarding security) is emphasized.
The knowledge offered should be in any Java developer's toolkit, so if you don't know much about security or defensive programming, grab this book.
Seeing how easily you can program more securely will hopefully encourage you to explore this field in more depth!
(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)