Full Stack Python Security teaches you everything you'll need to
build secure Python web applications.
Summary
In Full Stack Python Security: Cryptography, TLS, and attack
resistance, you'll learn how to:
Use algorithms to encrypt, hash, and digitally sign data
Create and install TLS certificates
Implement authentication, authorization, OAuth 2.0, and form validation
in Django
Protect a web application with Content Security Policy
Implement Cross Origin Resource Sharing
Protect against common attacks including clickjacking, denial of service
attacks, SQL injection, cross-site scripting, and more
Full Stack Python Security: Cryptography, TLS, and attack resistance
teaches you everything you'll need to build secure Python web
applications. As you work through the insightful code snippets and
engaging examples, you'll put security standards, best practices, and
more into action. Along the way, you'll get exposure to important
libraries and tools in the Python ecosystem.
Purchase of the print book includes a free eBook in PDF, Kindle, and
ePub formats from Manning Publications.
About the technology
Security is a full-stack concern, encompassing user interfaces, APIs,
web servers, network infrastructure, and everything in between. Master
the powerful libraries, frameworks, and tools in the Python ecosystem
and you can protect your systems top to bottom. Packed with realistic
examples, lucid illustrations, and working code, this book shows you
exactly how to secure Python-based web applications.
About the book
Full Stack Python Security: Cryptography, TLS, and attack resistance
teaches you everything you need to secure Python and Django-based web
apps. In it, seasoned security pro Dennis Byrne demystifies complex
security terms and algorithms. Starting with a clear review of
cryptographic foundations, you'll learn how to implement layers of
defense, secure user authentication and third-party access, and protect
your applications against common hacks.
What's inside
Encrypt, hash, and digitally sign data
Create and install TLS certificates
Implement authentication, authorization, OAuth 2.0, and form validation
in Django
Protect against attacks such as clickjacking, cross-site scripting, and
SQL injection
About the reader
For intermediate Python programmers.
About the author
Dennis Byrne is a tech lead for 23andMe, where he protects the
genetic data of more than 10 million customers.
Table of Contents
1 Defense in depth
PART 1 - CRYPTOGRAPHIC FOUNDATIONS
2 Hashing
3 Keyed hashing
4 Symmetric encryption
5 Asymmetric encryption
6 Transport Layer Security
PART 2 - AUTHENTICATION AND AUTHORIZATION
7 HTTP session management
8 User authentication
9 User password management
10 Authorization
11 OAuth 2
PART 3 - ATTACK RESISTANCE
12 Working with the operating system
13 Never trust input
14 Cross-site scripting attacks
15 Content Security Policy
16 Cross-site request forgery
17 Cross-Origin Resource Sharing
18 Clickjacking
