Identity Security for Software Development: Best Practices That Every Developer Must Know

Maintaining secrets, credentials, and machine identities in secure ways is an important, though often overlooked, aspect of secure software development. DevOps security often addresses vulnerabilities, but it neglects broader discussions like authentication, authorization, and access control, potentially leaving the door open for breaches. That’s where an identity security strategy integrated in your code, infrastructure, and environments from day one can help.

In this practical book, authors John Walsh, Uzi Ailon, and Matt Barker provide conceptual frameworks, technology overviews, and useful code snippets to bridge the gap between development, IT, and security to integrate robust identity security across apps, CI/CD pipelines, Kubernetes and cloud native, hybrid and multicloud, process automation, IoT, and more. You’ll learn:

• What developers need to know about managing secrets and identity to build safer apps
• What machine identities, secrets, and credentials are–and how to secure them
• How to secure the software supply chain to build safer apps
• How identity security fits into modern software development practices