We take a look at "Secure Coding: Principles & Practices" by Mark G. Graff and Kenneth R. van Wyk, a book on the essential principles of developing secure software.
In this slim volume, Mark G. Graff and Kenneth R. van Wyk present the essential principles for developing secure software. Without getting into the nitty-gritty of code (the book has fewer than 7 pages of it), the book lays out the broad issues software developers need to understand. Using the Software Development Life Cycle as a frame of reference, the authors show how risks can be mitigated at each stage of a software product's life cycle. The section on constructing a mental model and a security metaphor for the product during the Design stage is one of my favourites. The advice is practical, and the prose lucid. If you're in a hurry to understand the important issues in software security, then this book is worth the read.