Web Security for Developers
The world has changed. Today, every time you make a site live, you're opening it up to attack. A first-time developer can easily be discouraged by the difficulties involved with properly securing a website. But have hope: an army of security researchers is out there discovering, documenting, and fixing security flaws. Thankfully, the tools you'll need to secure your site are freely available and generally easy to use. Web Security for Developers will teach you how your websites are vulnerable to attack and how to protect them. Each chapter breaks down a major security vulnerability and explores a real-world attack, coupled with plenty of code to show you both the vulnerability and the fix. You'll learn how to: Protect against SQL injection attacks, malicious JavaScript, and cross-site request forgery; Add authentication and shape access control to protect accounts; Lock down user accounts to prevent attacks that rely on guessing passwords, stealing sessions, or escalating priv ...
The world has changed. Today, every time you make a site live, you're opening it up to attack. A first-time developer can easily be discouraged by the difficulties involved with properly securing a website. But have hope: an army of security researchers is out there discovering, documenting, and fixing security flaws. Thankfully, the tools you'll need to secure your site are freely available and generally easy to use. Web Security for Developers will teach you how your websites are vulnerable to attack and how to protect them. Each chapter breaks down a major security vulnerability and explores a real-world attack, coupled with plenty of code to show you both the vulnerability and the fix. You'll learn how to: Protect against SQL injection attacks, malicious JavaScript, and cross-site request forgery; Add authentication and shape access control to protect accounts; Lock down user accounts to prevent attacks that rely on guessing passwords, stealing sessions, or escalating priv ...
Real-World Python
With its emphasis on project-based practice, Real World Python will take you from playing with syntax to writing complete programs in no time. You'll conduct experiments, explore statistical concepts, and solve novel problems that have frustrated geniuses throughout history, like detecting distant exoplanets, as you continue to build your Python skills. Chapters begin with a clearly defined project goal and a discussion of ways to attack the problem, followed by a mission designed to make you think like a programmer. You'll direct a Coast Guard search-and-rescue effort, plot and execute a NASA flight to the moon, protect access to a secure lab using facial recognition, and more. Along the way you'll learn how to: Use libraries like matplotlib, NumPy, Bokeh, pandas, Requests, Beautiful Soup, and turtle; Work with Natural Language Processing and computer vision modules like NLTK and OpenCV; Write a program to detect and track objects moving across a starfield; Scrape speeches from the ...
With its emphasis on project-based practice, Real World Python will take you from playing with syntax to writing complete programs in no time. You'll conduct experiments, explore statistical concepts, and solve novel problems that have frustrated geniuses throughout history, like detecting distant exoplanets, as you continue to build your Python skills. Chapters begin with a clearly defined project goal and a discussion of ways to attack the problem, followed by a mission designed to make you think like a programmer. You'll direct a Coast Guard search-and-rescue effort, plot and execute a NASA flight to the moon, protect access to a secure lab using facial recognition, and more. Along the way you'll learn how to: Use libraries like matplotlib, NumPy, Bokeh, pandas, Requests, Beautiful Soup, and turtle; Work with Natural Language Processing and computer vision modules like NLTK and OpenCV; Write a program to detect and track objects moving across a starfield; Scrape speeches from the ...
NGINX Cookbook
NGINX is one of the most widely used web servers available today, in part because of its capabilities as a load balancer and reverse proxy server for HTTP and other network protocols.This cookbook provides easy-to-follow examples to real-world problems in application delivery. The practical recipes will help you set up and use either the open source or commercial offering to solve problems in various use cases. For professionals who understand modern web architectures, such as n-tier or microservice designs, and common web protocols including TCP and HTTP, these recipes provide proven solutions for security, software load balancing, and monitoring and maintaining NGINX's application delivery platform. You'll also explore advanced features of both NGINX and NGINX Plus, the free and licensed versions of this server. You'll find recipes for: High-performance load balancing with HTTP, TCP, and UDP; Securing access through encrypted traffic, secure links, HTTP authentication subreques ...
NGINX is one of the most widely used web servers available today, in part because of its capabilities as a load balancer and reverse proxy server for HTTP and other network protocols.This cookbook provides easy-to-follow examples to real-world problems in application delivery. The practical recipes will help you set up and use either the open source or commercial offering to solve problems in various use cases. For professionals who understand modern web architectures, such as n-tier or microservice designs, and common web protocols including TCP and HTTP, these recipes provide proven solutions for security, software load balancing, and monitoring and maintaining NGINX's application delivery platform. You'll also explore advanced features of both NGINX and NGINX Plus, the free and licensed versions of this server. You'll find recipes for: High-performance load balancing with HTTP, TCP, and UDP; Securing access through encrypted traffic, secure links, HTTP authentication subreques ...
Programming iOS 14
If you're grounded in the basics of Swift, Xcode, and the Cocoa framework, this book provides a structured explanation of all essential real-world iOS app components. Through deep exploration and copious code examples, you'll learn how to create views, manipulate view controllers, and add features from iOS frameworks. Create, arrange, draw, layer, and animate views that respond to touch; Use view controllers to manage multiple screens of interface; Master interface classes for scroll views, table views, collection views, text, popovers, split views, web views, and controls; Dive into frameworks for sound, video, maps, and sensors; Access user libraries: music, photos, contacts, and calendar; Explore additional topics, including files, networking, and threads. Stay up-to-date on iOS 14 innovations, such as: Control action closures and menus; Table view cell configuration objects; Collection view lists and outlines; New split view controller architecture; Pointer customization on i ...
If you're grounded in the basics of Swift, Xcode, and the Cocoa framework, this book provides a structured explanation of all essential real-world iOS app components. Through deep exploration and copious code examples, you'll learn how to create views, manipulate view controllers, and add features from iOS frameworks. Create, arrange, draw, layer, and animate views that respond to touch; Use view controllers to manage multiple screens of interface; Master interface classes for scroll views, table views, collection views, text, popovers, split views, web views, and controls; Dive into frameworks for sound, video, maps, and sensors; Access user libraries: music, photos, contacts, and calendar; Explore additional topics, including files, networking, and threads. Stay up-to-date on iOS 14 innovations, such as: Control action closures and menus; Table view cell configuration objects; Collection view lists and outlines; New split view controller architecture; Pointer customization on i ...
AWS Penetration Testing
Cloud security has always been treated as the highest priority by AWS while designing a robust cloud infrastructure. AWS has now extended its support to allow users and security experts to perform penetration tests on its environment. This has not only revealed a number of loopholes and brought vulnerable points in their existing system to the fore, but has also opened up opportunities for organizations to build a secure cloud environment. This book teaches you how to perform penetration tests in a controlled AWS environment. You'll begin by performing security assessments of major AWS resources such as Amazon EC2 instances, Amazon S3, Amazon API Gateway, and AWS Lambda. Throughout the course of this book, you'll also learn about specific tests such as exploiting applications, compromising Identity and Access Management (IAM) keys, testing permissions flaws, and discovering weak policies. Moving on, you'll discover how to establish private-cloud access through backdoor Lambda functi ...
Cloud security has always been treated as the highest priority by AWS while designing a robust cloud infrastructure. AWS has now extended its support to allow users and security experts to perform penetration tests on its environment. This has not only revealed a number of loopholes and brought vulnerable points in their existing system to the fore, but has also opened up opportunities for organizations to build a secure cloud environment. This book teaches you how to perform penetration tests in a controlled AWS environment. You'll begin by performing security assessments of major AWS resources such as Amazon EC2 instances, Amazon S3, Amazon API Gateway, and AWS Lambda. Throughout the course of this book, you'll also learn about specific tests such as exploiting applications, compromising Identity and Access Management (IAM) keys, testing permissions flaws, and discovering weak policies. Moving on, you'll discover how to establish private-cloud access through backdoor Lambda functi ...
SELinux System Administration, 3rd Edition
Linux is a dominant player in many organizations and in the cloud. Securing the Linux environment is extremely important for any organization, and Security-Enhanced Linux (SELinux) acts as an additional layer to Linux system security. SELinux System Administration covers basic SELinux concepts and shows you how to enhance Linux system protection measures. You will get to grips with SELinux and understand how it is integrated. As you progress, you'll get hands-on experience of tuning and configuring SELinux and integrating it into day-to-day administration tasks such as user management, network management, and application maintenance. Platforms such as Kubernetes, system services like systemd, and virtualization solutions like libvirt and Xen, all of which offer SELinux-specific controls, will be explained effectively so that you understand how to apply and configure SELinux within these applications. If applications do not exert the expected behavior, you'll learn how to fine-tune p ...
Linux is a dominant player in many organizations and in the cloud. Securing the Linux environment is extremely important for any organization, and Security-Enhanced Linux (SELinux) acts as an additional layer to Linux system security. SELinux System Administration covers basic SELinux concepts and shows you how to enhance Linux system protection measures. You will get to grips with SELinux and understand how it is integrated. As you progress, you'll get hands-on experience of tuning and configuring SELinux and integrating it into day-to-day administration tasks such as user management, network management, and application maintenance. Platforms such as Kubernetes, system services like systemd, and virtualization solutions like libvirt and Xen, all of which offer SELinux-specific controls, will be explained effectively so that you understand how to apply and configure SELinux within these applications. If applications do not exert the expected behavior, you'll learn how to fine-tune p ...
The Unix Workbench
Learning the command line can be a difficult and intimidating task, but this book is designed to be your lighthouse in the modern computational storm. Unix is a 40 year old operating system that powers the internet, your phone, and the latest scientific research. This book aims to be a gateway to the world of computer programming, providing you with a set of tools that will allow you to scale your ideas. Even if you have no prior programming experience The Unix Workbench can help you build a solid foundation which you can use to build the next great business, discover a new innovation, or choreograph a ovation-inducing ballet. This book begins by helping you get access to Unix, followed by an introduction to how you can use the command line to navigate your computer just like you normally would with your mouse and keyboard. We will then discuss more advanced topics including how to do complex searches with regular expressions, how to configure your programming environment, and how t ...
Learning the command line can be a difficult and intimidating task, but this book is designed to be your lighthouse in the modern computational storm. Unix is a 40 year old operating system that powers the internet, your phone, and the latest scientific research. This book aims to be a gateway to the world of computer programming, providing you with a set of tools that will allow you to scale your ideas. Even if you have no prior programming experience The Unix Workbench can help you build a solid foundation which you can use to build the next great business, discover a new innovation, or choreograph a ovation-inducing ballet. This book begins by helping you get access to Unix, followed by an introduction to how you can use the command line to navigate your computer just like you normally would with your mouse and keyboard. We will then discuss more advanced topics including how to do complex searches with regular expressions, how to configure your programming environment, and how t ...
MySQL Concurrency
Know how locks work in MySQL and how they relate to transactions. This book explains the major role that locks play in database systems, showing how locks are essential in allowing high-concurrency workloads. You will learn about lock access levels and lock granularities from the user level as well as table locks to record and gap locks. Most importantly, the book covers troubleshooting techniques when locking becomes a pain point. Several of the lock types in MySQL have a duration of a transaction. For this reason, it is important to understand how transactions work. This book covers the basics of transactions as well as transaction isolation levels and how they affect locking. The book is meant to be your go-to resource for solving locking contention and similar problems in high-performance MySQL database applications. Detecting locking issues when they occur is the first key to resolving such issues. MySQL Concurrency provides techniques for detecting locking issues such as co ...
Know how locks work in MySQL and how they relate to transactions. This book explains the major role that locks play in database systems, showing how locks are essential in allowing high-concurrency workloads. You will learn about lock access levels and lock granularities from the user level as well as table locks to record and gap locks. Most importantly, the book covers troubleshooting techniques when locking becomes a pain point. Several of the lock types in MySQL have a duration of a transaction. For this reason, it is important to understand how transactions work. This book covers the basics of transactions as well as transaction isolation levels and how they affect locking. The book is meant to be your go-to resource for solving locking contention and similar problems in high-performance MySQL database applications. Detecting locking issues when they occur is the first key to resolving such issues. MySQL Concurrency provides techniques for detecting locking issues such as co ...
Data Parallel C++
Learn how to accelerate C++ programs using data parallelism. This open book enables C++ programmers to be at the forefront of this exciting and important new development that is helping to push computing to new levels. It is full of practical advice, detailed explanations, and code examples to illustrate key topics. Data parallelism in C++ enables access to parallel resources in a modern heterogeneous system, freeing you from being locked into any particular computing device. Now a single C++ application can use any combination of devices - including GPUs, CPUs, FPGAs and AI ASICs - that are suitable to the problems at hand. This book teaches data-parallel programming using C++ and the SYCL standard from the Khronos Group and walks through everything needed to use SYCL for programming heterogeneous systems. The book begins by introducing data parallelism and foundational topics for effective use of SYCL and Data Parallel C++ (DPC++), the open source compiler used in this book. La ...
Learn how to accelerate C++ programs using data parallelism. This open book enables C++ programmers to be at the forefront of this exciting and important new development that is helping to push computing to new levels. It is full of practical advice, detailed explanations, and code examples to illustrate key topics. Data parallelism in C++ enables access to parallel resources in a modern heterogeneous system, freeing you from being locked into any particular computing device. Now a single C++ application can use any combination of devices - including GPUs, CPUs, FPGAs and AI ASICs - that are suitable to the problems at hand. This book teaches data-parallel programming using C++ and the SYCL standard from the Khronos Group and walks through everything needed to use SYCL for programming heterogeneous systems. The book begins by introducing data parallelism and foundational topics for effective use of SYCL and Data Parallel C++ (DPC++), the open source compiler used in this book. La ...
Spring Boot: Up and Running
With over 75 million downloads per month, Spring Boot is the most widely used Java framework available. Its ease and power have revolutionized application development from monoliths to microservices. Yet Spring Boot's simplicity can also be confounding. How do developers learn enough to be productive immediately? This practical book shows you how to use this framework to write successful mission-critical applications. Mark Heckler from VMware, the company behind Spring, guides you through Spring Boot's architecture and approach, covering topics such as debugging, testing, and deployment. If you want to develop cloud native Java or Kotlin applications with Spring Boot rapidly and effectively (using reactive programming, building APIs, and creating database access of all kinds) this book is for you. Learn how Spring Boot simplifies cloud native application development and deployment; Build reactive applications and extend communication across the network boundary to create distribu ...
With over 75 million downloads per month, Spring Boot is the most widely used Java framework available. Its ease and power have revolutionized application development from monoliths to microservices. Yet Spring Boot's simplicity can also be confounding. How do developers learn enough to be productive immediately? This practical book shows you how to use this framework to write successful mission-critical applications. Mark Heckler from VMware, the company behind Spring, guides you through Spring Boot's architecture and approach, covering topics such as debugging, testing, and deployment. If you want to develop cloud native Java or Kotlin applications with Spring Boot rapidly and effectively (using reactive programming, building APIs, and creating database access of all kinds) this book is for you. Learn how Spring Boot simplifies cloud native application development and deployment; Build reactive applications and extend communication across the network boundary to create distribu ...