Ask HN: Resources about building secure websites and web services?

2 points by sunday_serif ↗ HN
Hi all,

Can anyone recommend any resources (books, websites, papers, lectures, etc.) about building secure websites and software services generally? I know this is a very broad topic, and so I understand that there won't be a one size fits all resource.

Topics that are of interest include: - considerations for building a secure login on a website - interfaces for authentication & authorization in web apis - considerations for storing customer / user information - considerations for communication between backend services and 3rd party services - probably lots of other things that I haven't even considered!

2 comments

[ 2.6 ms ] story [ 10.0 ms ] thread
This may not be exactly what you are looking for but if you have specific topics you wish to learn more about then the Security [1] portion of StackExchange contains some decent questions and answers. ServerFault [2] also contains some server best practices. Stack Overflow [3] would have some of the coding best practices. Lurk on there for a while before asking questions as people expect a certain style of question formatting and some degree of research from someone in a related professional field prior to asking questions.

[1] - https://security.stackexchange.com/

[2] - https://serverfault.com/

[3] - https://stackoverflow.com/