1 Defense in depth


This chapter covers

  • Defining your attack surface
  • Introducing defense in depth
  • Adhering to standards, best practices, and fundamentals
  • Identifying Python security tools

You trust organizations with your personal information more now than ever before. Unfortunately, some of these organizations have already surrendered your information to attackers. If you find this hard to believe, visit https://haveibeenpwned.com. This site allows you to easily search a database containing the email addresses for billions of compromised accounts. With time, this database will only grow larger. As software users, we have developed an appreciation for security through this common experience.

Because you’ve opened this book, I’m betting you appreciate security for an additional reason. Like me, you don’t just want to use secure systems; you want to create them as well. Most programmers value security, but they don’t always have the background to make it happen. I wrote this book to provide you with a tool set for building this background.

Security is the ability to resist attack. This chapter decomposes security from the outside in, starting with attacks. The subsequent chapters cover the tools you need to implement layers of defense, from the inside out, in Python.

1.1 Attack surface

1.2 Defense in depth

1.2.1 Security standards

1.2.2 Best practices

1.2.3 Security fundamentals

1.3 Tools

1.3.1 Staying practical