Look Inside

Alice and bob learn application security Ebook

This book covers security fundamentals, security requirements, secure design concepts, secure coding (plus a guideline they can keep), solutions to the OWASP Top Ten items not covered by the secure coding guidelines. It also covers the basics of threat modelling, security testing, how to build an AppSec program, modern application security concerns and mitigations, and security hygiene for software developers and other IT staff. The book ends with answers to common questions people starting in Application Security often have, as a conclusion to the book. It will also list resources where they can find more answers.Much of the approach of the book focuses on “pushing left” in AppSec, that is getting application security considerations built into the software development process as early as possible. Many of the examples in the book are illustrated by a fictional story of the characters of Alice and Bob as they learn the core concepts of application security, interspersed with code, exercises, examples. Written by Tanya “SheHacksPurple” Janca it features the same fun, entertaining, and easy writing style of her blog and numerous presentations.

S$69.95 exc. GST

Available on back-order

For eTextbook orders, the access codes will be emailed to you within 5~7 working days. For back-ordered printed books, please allow 3~4 weeks for delivery.
ISBN: 9781119687405 Categories: ,

Tanya Janca, also known as SheHacksPurple, is the author of Alice and Bob Learn Application Security. She is the founder of We Hack Purple, an online learning academy, community and weekly podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won numerous awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion and kindness, which shines through in her countless initiatives. Tanya was named Hacker of the Year by the Cybersecurity Woman of the Year 2019 conference and the winner of the ITWC and WISECRA 2020 Top Canadian Women in Cyber Security Celebration. Tanya. can be found on Twitter, YouTube, Medium and others as @shehackspurple.






Tanya Janca


John Wiley