Chapter Twelve

Building It Safe: Security & Privacy by Design

Security isn't a feature you add at the end — it's a thread through everything. This chapter covers the security a developer needs to understand: thinking about safety in every phase (shift-left), the common ways software gets attacked, the building blocks of identity, secrets, and encryption, and the modern frontiers of supply-chain risk and data privacy.

Software holds people's data, money, and trust, which makes it a target. Security is the discipline of protecting it — and the key insight of this chapter is that it can't be bolted on at the end. It has to be designed in, from the start, in every phase.

Four topics. First, "shift-left" — why security belongs in every phase, not a final checkpoint. Then the common threats, through the well-known OWASP Top 10. Then the everyday building blocks: identity (who you are and what you can do), secrets, and encryption. And finally two modern frontiers — the software supply chain you depend on, and the privacy of the data you're trusted with.

Security woven through, not bolted on
Think about threats early: in design and requirements, not just at the end
Know the common attacks: the OWASP Top 10 and how they work
Use the building blocks: identity, secrets, encryption
Guard the edges: dependencies and the data you keep

Topics in This Chapter