Manning Early Access Program (MEAP) Read chapters as they are written, get the finished eBook as soon as it’s ready, and receive the pBook long before it's in bookstores.

all chapters available

Safeguard Your Code Against Cyber Threats read this article now in
Manning's Free Content Center

Resources

Book forum Safeguard Your Code Against Cyber Threats more

Become a
Reviewer

Help us create great books

Grokking Web Application Security you own this product

Malcolm McDonald

MEAP began May 2023
Publication in May 2024 (estimated)

ISBN 9781633438262
388 pages (estimated)

Included with a Manning Online subscription

printed in black & white

read now

pro $24.99 per month

access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
choose one free eBook per month to keep
exclusive 50% discount on all purchases

lite $19.99 per month

access to all Manning books, including MEAPs!

team

5, 10 or 20 seats+ for your team - learn more

eBook

$47.99 $30.23

you save $17.76 (37%)

Look inside

When you launch an application on the web, every hacker in the world has access to it. Are you sure your web apps can stand up to the most sophisticated attacks?

Grokking Web Application Security is a brilliantly illustrated and clearly written guide that delivers detailed coverage on:

How the browser security model works, including sandboxing, the same-origin policy, and methods of securing cookies
Securing web servers with input validation, escaping of output, and defense in depth
A development process that prevents security bugs
Protecting yourself from browser vulnerabilities such as cross-site scripting, cross-site request forgery, and clickjacking
Network vulnerabilities like man-in-the-middle attacks, SSL-stripping, and DNS poisoning
Preventing authentication vulnerabilities that allow brute forcing of credentials by using single sign-on or multi-factor authentication
Authorization vulnerabilities like broken access control and session jacking
How to use encryption in web applications
Injection attacks, command execution attacks, and remote code execution attacks
Malicious payloads that can be used to attack XML parsers, and file upload functions

Grokking Web Application Security teaches you how to build web apps that are ready for and resilient to any attack. It’s laser-focused on what the working programmer needs to know about web security, and is fully illustrated with concrete examples and essential advice from author Malcolm McDonald’s extensive career. You’ll learn what motivates hackers to hack a site, discover the latest tools for identifying security issues, and set up a development lifecycle that catches security issues early. Read it cover to cover for a comprehensive overview of web security, and dip in as a reference whenever you need to tackle a specific vulnerability.

about the technology

Security is vital for any application, especially those deployed on the web! The internet is full of scripts, bots, and hackers who will seize any opportunity to attack, crack, and hack your site for their own ends. It doesn’t matter which part of a web app you work with—security vulnerabilities can be found in both frontends and backends. Luckily, this comprehensive guide is here with no-nonsense advice that will keep your web apps safe.

about the book

Grokking Web Application Security teaches you everything you need to know to secure your web applications in the browser, on the server, and even at the code level. The book is perfect for both junior and experienced learners. It’s written to be language-agnostic, with advice and vulnerability insights that will work with any stack.

You’ll begin with the foundations of web security and then dive into dozens of practical security recommendations for both common and not-so-common vulnerabilities—everything from SQL injection to cross-site scripting inclusion attacks. Explore growing modern threats like supply-chain attacks and attacks on APIs, learn about cryptography and how it applies to the web, and discover how to pick up the pieces after a hacker has successfully gotten inside your app.

about the reader

For junior web developers who know the basics of web programming, or more experienced developers looking for concrete advice on solving vulnerabilities.

about the author

Malcolm McDonald is the creator of hacksplaining.com, a comprehensive and interactive security training solution that helps working web developers brush up on their security knowledge. He is a security engineer with 20 years of experience across investment banking, start-ups, and PayPal. He has personally trained thousands of developers in web security over his career.

eBook

$47.99 $30.23

you save $17.76 (37%)

choose your plan

pro

monthly

annual

$24.99

$249.99
only $20.83 per month

access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
choose another free product every time you renew
choose twelve free products per year
exclusive 50% discount on all purchases
Grokking Web Application Security ebook for free

team

monthly

annual

$49.99

$499.99
only $41.67 per month

five seats for your team
access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
choose another free product every time you renew
choose twelve free products per year
exclusive 50% discount on all purchases
Grokking Web Application Security ebook for free

more seats?

choose your plan

pro

monthly

annual

$24.99

$249.99
only $20.83 per month

access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
choose another free product every time you renew
choose twelve free products per year
exclusive 50% discount on all purchases
Grokking Web Application Security ebook for free

team

monthly

annual

$49.99

$499.99
only $41.67 per month

five seats for your team
access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
choose another free product every time you renew
choose twelve free products per year
exclusive 50% discount on all purchases
Grokking Web Application Security ebook for free

more seats?