Full Stack Python Security E-BOOK

Full Stack Python Security teaches you everything you’ll need to build secure Python web applications.

Summary
In Full Stack Python Security: Cryptography, TLS, and attack resistance, you’ll learn how to:

    Use algorithms to encrypt, hash, and digitally sign data
    Create and install TLS certificates
    Implement authentication, authorization, OAuth 2.0, and form validation in Django
    Protect a web application with Content Security Policy
    Implement Cross Origin Resource Sharing
    Protect against common attacks including clickjacking, denial of service attacks, SQL injection, cross-site scripting, and more

Full Stack Python Security: Cryptography, TLS, and attack resistance teaches you everything you’ll need to build secure Python web applications. As you work through the insightful code snippets and engaging examples, you’ll put security standards, best practices, and more into action. Along the way, you’ll get exposure to important libraries and tools in the Python ecosystem.

Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.

About the technology
Security is a full-stack concern, encompassing user interfaces, APIs, web servers, network infrastructure, and everything in between. Master the powerful libraries, frameworks, and tools in the Python ecosystem and you can protect your systems top to bottom. Packed with realistic examples, lucid illustrations, and working code, this book shows you exactly how to secure Python-based web applications.

About the book
Full Stack Python Security: Cryptography, TLS, and attack resistance teaches you everything you need to secure Python and Django-based web apps. In it, seasoned security pro Dennis Byrne demystifies complex security terms and algorithms. Starting with a clear review of cryptographic foundations, you’ll learn how to implement layers of defense, secure user authentication and third-party access, and protect your applications against common hacks.

What's inside

    Encrypt, hash, and digitally sign data
    Create and install TLS certificates
    Implement authentication, authorization, OAuth 2.0, and form validation in Django
    Protect against attacks such as clickjacking, cross-site scripting, and SQL injection

About the reader
For intermediate Python programmers.

About the author
Dennis Byrne is a tech lead for 23andMe, where he protects the genetic data of more than 10 million customers.

Table of Contents
1 Defense in depth
PART 1 - CRYPTOGRAPHIC FOUNDATIONS
2 Hashing
3 Keyed hashing
4 Symmetric encryption
5 Asymmetric encryption
6 Transport Layer Security
PART 2 - AUTHENTICATION AND AUTHORIZATION
7 HTTP session management
8 User authentication
9 User password management
10 Authorization
11 OAuth 2
PART 3 - ATTACK RESISTANCE
12 Working with the operating system
13 Never trust input
14 Cross-site scripting attacks
15 Content Security Policy
16 Cross-site request forgery
17 Cross-Origin Resource Sharing
18 Clickjacking