I recently finished reading Secure by Design by Dan Bergh Johnsson, Daniel Deogun, and Daniel Sawano. I started reading it shortly after I received it as a gift from Dan Bergh Johnsson at Jfokus 2020.
Secure by Design hooked me from the beginning. Chapter 1 dives right in and shows why design matters for security and how security shouldn't be an afterthought. The authors show how developers will have a difficult time grokking security if you make them remember security-related API calls. However, if you bake security into your design and codify your security practices, developers will be more secure by default.[Read More]