You're reading from Secure Software Development Learn to analyze and mitigate risks in your software projects

Product type Paperback

Published in Mar 2024

Publisher Packt

ISBN-13 9781835462836

Length 262 pages

Edition 1st Edition

Concepts

Application Development

Author (1):

Aspen Olmsted

View More author details

Table of Contents (20) Chapters

Preface

1. Part 1: Modeling a Secure Application FREE CHAPTER

2. Chapter 1: Security Principles

3. Chapter 2: Designing a Secure Functional Model

4. Chapter 3: Designing a Secure Object Model

5. Chapter 4: Designing a Secure Dynamic Model

6. Chapter 5: Designing a Secure System Model

7. Chapter 6: Threat Modeling

8. Part 2: Mitigating Risks in Implementation

9. Chapter 7: Authentication and Authorization

10. Chapter 8: Input Validation and Sanitization

11. Chapter 9: Standard Web Application Vulnerabilities

12. Chapter 10: Database Security

13. Part 3: Security Validation

14. Chapter 11: Unit Testing

15. Chapter 12: Regression Testing

16. Chapter 13: Integration, System, and Acceptance Testing

17. Chapter 14: Software Penetration Testing

18. Index

Why subscribe?

19. Other Books You May Enjoy

Example of the enterprise input validation and sanitization

Throughout this book, we will build a secure design for an event ticketing system. Envision a software system that allows a box office or a website to sell tickets to a famous musical concert or theatre event. Table 3 is a simplified STRIDE model for our running ticketing example. Next, we will look at utilizing the PHP filter_var function and FILTER_VALIDATE_* constants to perform input validation for various fields. Here is a PHP code sample that utilizes the filter_var extension for validating fields such as First Name, Last Name, Phone Number, Email, and Address:

<?php
// Function to sanitize and validate input
function sanitize_input($input) {
    $input = trim($input);
    $input = stripslashes($input);
    $input = htmlspecialchars($input);
    return $input;
}
// Function to validate name
function validate_name($name) {
  ...

The rest of the chapter is locked

Tech Concepts

Programming languages

Tech Tools

Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

50+ new titles added per month and exclusive early access to books as they are being written.

You're reading from Secure Software Development Learn to analyze and mitigate risks in your software projects

Table of Contents (20) Chapters

Example of the enterprise input validation and sanitization

Authors (1)

Personalised recommendations for you

You're reading from Secure Software Development Learn to analyze and mitigate risks in your software projects

Table of Contents (20) Chapters

Example of the enterprise input validation and sanitization

Authors (1)

Personalised recommendations for you

Create a Free Account To Continue Reading

Sign in to activate your 7-day free access