Secure software begins before the first line of code, and software development is inextricably linked with security. Dangers lurk throughout the software lifecycle: hackers target repositories and try to smuggle malicious code into other projects using supposedly helpful libraries. It is not only publicly accessible web applications that are under attack, but almost every application, even in apparently secure environments.
OWASP Top Ten, Cryptography and DevSecOps
The iX Developer special issue “Developing Safe Software” takes up numerous important topics in order to make your own software more secure from the start. Among other things, it presents different methods of code analysis, from static techniques to fuzzing. A look at the new OWASP Top Ten 2021 is essential for web development.
Cryptography is a basic requirement for many applications, but many traps lurk in practical use, especially since the documentation of the open source tools is often poor. Since quantum computers will probably reshuffle the cards in the foreseeable future and sideline algorithms that are currently considered secure, an article provides an outlook on post-quantum cryptography.
Individual programming languages and cloud security
The issue also sheds light on security aspects of individual programming languages: one article shows how memory errors in C++ can be tracked down and prevented, while another takes a closer look at Rust’s security concepts. Anyone who uses Java will find an overview of the relevant security changes since Java 11.
Splitting monoliths into microservice architectures and using serverless computing result in numerous new interfaces and thus additional attack surface. In the cloud, confidential computing is supposed to protect sensitive data, and the Open Policy Agent helps with the implementation of security guidelines.
Further topics in the issue are pentests, privacy by design, container security and securing the software and hardware supply chain in the IoT.
The special issue is now available for 14.90 euros in well-stocked newsagents. The heise Shop offers the printed version until December 2nd with free shipping. Those who prefer to read digitally can purchase the PDF edition of the special issue for 12.99 euros in the heise Shop. The bundle of printed version plus PDF costs 19.90 euros.