Is there a good security primer for a non-security programmer?

Question

^ Basically, I didn't take any security-adjacent classes in school, and never had to consider these things for my previous work. I've heard about things like web cache poisoning but never thought closely about them. Is there a good place for me to get a primer?

gabrielsroka · Accepted Answer

https://web.stanford.edu/class/cs253/ by @feross

mooreds · Answer

If you're into dead tree formats, I suggest this book: https://www.cl.cam.ac.uk/~rja14/book.htmlIt's big but covers a lot of things and is pretty accessible.

ericalexander0 · Answer

https://securecodingdojo.owasp.org/public/index.html

joshcanhelp · Answer

I&rsquo;ve scanned this and have it in my reading list:https://github.com/veeral-patel/how-to-secure-anythingI&rsquo;ve been working with a very competent security team for several years and there were a lot of familiar terms and techniques.

greenie_beans · Answer

good course for web developers: https://www.pluralsight.com/courses/hack-yourself-first

giantg2 · Answer

NIST has a bunch of resources. Just search "NIST intro to security".