{"product_id":"software-security-for-developers-1","title":"Software Security for Developers: With examples in Java and Spring","description":"\u003cb\u003eGet the eBook free when you register your print book at Manning.\u003c\/b\u003e\u003cbr\u003e\u003cbr\u003eSoftware security is about understanding how real systems fail, and how to build them so they don’t. This book gives you that understanding, and shows you how to apply it in the modern cloud and Kubernetes environments you work with every day.\u003cbr\u003e \u003cbr\u003eThe book starts with the reality developers face: security problems are not theoretical—they show up in design choices, dependencies, configuration, and day-to-day coding decisions. You’ll see why breaches happen, how supply chain risks creep in, and how “secure development” actually looks across the lifecycle—from design to deployment.\u003cbr\u003e \u003cbr\u003eFrom there, the book builds the foundation you need to work confidently with security tools. Instead of treating frameworks as black boxes, it explains the standards, protocols, and patterns they implement.\u003cbr\u003e \u003cbr\u003eYou’ll learn how integrity, encryption, authentication, and identity really work—so TLS, OAuth2, OpenID Connect, and certificates become understandable and usable.\u003cbr\u003e \u003cbr\u003eWith that foundation in place, the focus shifts to modern application architecture. You’ll implement secure communication channels, design authentication and identity flows, adopt passwordless approaches, and manage authorization across complex service-to-service call chains. Along the way, you’ll see how to give every service an identity, enforce access policies, and secure interactions in distributed, cloud-native systems.\u003cbr\u003e \u003cbr\u003eThroughout the book, concepts are grounded in practical Java examples that mirror real production scenarios. 
By the end, you’ll be familiar with security terms and know how to apply them to build systems that pass audits, resist attacks, and hold up under real-world pressure.\u003cbr\u003e \u003cbr\u003e \u003cb\u003eWhat's inside\u003c\/b\u003e\u003cbr\u003e \u003cbr\u003e • Why security failures happen in real systems\u003cbr\u003e • How to apply cryptography and security standards correctly\u003cbr\u003e • How to secure identity, access, and service communication\u003cbr\u003e \u003cbr\u003e\u003cb\u003eAbout the reader\u003c\/b\u003e\u003cbr\u003e \u003cbr\u003e For developers who want to understand and apply security with confidence.\u003cbr\u003e \u003cbr\u003e \u003cb\u003eAbout the author\u003c\/b\u003e\u003cbr\u003e \u003cbr\u003e \u003cb\u003eAdib Saikali\u003c\/b\u003e is a Distinguished Software Engineer and a Principal Solutions Engineer at VMware Tanzu. \u003cb\u003eLaurentiu Spilca\u003c\/b\u003e is a Java and Spring expert, an experienced technology instructor, and the author of several books.\u003cbr\u003e \u003cbr\u003e \u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e \u003cbr\u003e Part 1\u003cbr\u003e 1 Making sense of application security\u003cbr\u003e 2 Standards for implementing authentication\u003cbr\u003e 3 Service-to-service communication\u003cbr\u003e Part 2\u003cbr\u003e 4 Message integrity and authentication\u003cbr\u003e 5 Advanced Encryption Standard\u003cbr\u003e 6 Public key encryption and digital signatures: Unleashing RSA\u003cbr\u003e 7 Public key encryption and digital signatures: Using ECC\u003cbr\u003e Part 3\u003cbr\u003e 8 Public key infrastructure and X.509 digital certificates: Know who you’re talking to\u003cbr\u003e 9 Working with X.509 certificates: Life cycle and self-signing\u003cbr\u003e 10 Transport Layer Security: How the internet is secured\u003cbr\u003e Part 4\u003cbr\u003e 11 JSON Object Signing and Encryption\u003cbr\u003e 12 Single-sign on using OAuth2 and OpenID Connect\u003cbr\u003e 13 Deepening security 
with OpenID Connect\u003cbr\u003e 14 Passwordless login: Using magic links and one-time passwords\u003cbr\u003e 15 Passwordless login: WebAuthn and hardware authentication\u003cbr\u003e Part 5\u003cbr\u003e 16 Implementing service identity\u003cbr\u003e 17 Taming authorization: RBAC, ABAC, and ReBAC\u003cbr\u003e Appendix\u003cbr\u003e A Installation and setup","brand":"None","offers":[{"title":"Livre numérique Kobo","offer_id":46684337995986,"sku":"a80b9c82-3fb6-3439-8b6b-616cd247db39","price":59.99,"currency_code":"CAD","in_stock":true},{"title":"Couverture souple","offer_id":46718925570258,"sku":"9781617298585","price":79.99,"currency_code":"CAD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0655\/8980\/5233\/files\/image_2ec0d799-9945-488a-84ca-c413c64d095a.jpg?v=1765659984","url":"https:\/\/www.indigo.ca\/fr\/products\/software-security-for-developers-1","provider":"Indigo","version":"1.0","type":"link"}