4 Code constructs promoting security
This chapter covers
- How immutability solves security problems
- How fail-fast contracts secure your design
- Types of validation and the order in which to do them
As developers, we’re constantly reminded about priorities and deadlines. Cutting corners and dirty hacks are sometimes part of reality that we must accept—or are they? The truth is, at the end of the day, you decide what syntax to use, what algorithms to apply, and how to steer the flow of execution. If you truly understand why certain code constructs are better than others, then using them becomes second nature and no more time-consuming than writing bad code. The same applies to security. Attackers don’t care about deadlines or priorities—a weak system is exploitable, regardless of why or under what circumstances it was built.
We all share the responsibility of designing secure software. In this chapter, you’ll learn why that doesn’t take any longer than building weak, exploitable software. To this end, we’ve organized this chapter into three sections, each discussing different strategies to solve security problems you might encounter in your daily work (table 4.1).
Table 4.1 Problem areas addressed (view table figure)
| Section | Problem area |
| Immutability | Security problems involving data integrity and availability |
| Failing fast | Security problems involving illegal input and state |
| Validation | Security problems involving input validation |