Secure Coding: Designing and Implementing Secure Applications -- an O'Reilly book by Mark G. Graff and Kenneth R. van Wyk.

A great book on the philosophy and theory behind secure design and implementation of applications and systems. Includes a great deal of insight and any number of things to ponder, but no code to steal or hard-coded list of absolute priorities. So while it won't help if you're shipping a program at the end of the week and it has to be secure, it will help you understand the security trade-offs in your next system and point you towards where you might start improving things.

Due to its abstract nature, it isn't tied to one programming language or platform and shouldn't date too quickly.

I (StuartYeates) read it cover-to-cover on a plane trip after I got it at OpenSourceConvention.

The O'Reilly page and the authors' page for the book.

