This document is a collection of field notes to help developers write safe code using a platform's security controls and frameworks like OWASP and ESAPI. The notes are from our experience with working with developers at our day jobs. The information is presented in cookbook fashion to promote quick lookups and easy adoption.
If you want to contribute to the book then clone the repository, make pull requests and open bug reports. Techinical editing is especially welcomed. We would be happy to take contributions and add additional authors.
If you only want the field notes then download appsec-notes.pdf. If you find errors or omissions then make pull requests and open bug reports.
The book is built using DocBook. The instructions to setup DocBook on Ubuntu and Fedora with Apache FOP 2.9 are available at https://github.com/noloader/Dockbook-Install.