In , you’ll learn how to: Use algorithms to encrypt, hash, and digitally sign data Create and install TLS certificates Implement authentication, authorization, OAuth 2.0, and form validation in Django Protect a web application with Content Security Policy Implement Cross Origin Resource Sharing Protect against common attacks including clickjacking, denial of service attacks, SQL injection, cross-site scripting, and more teaches you everything you’ll need to build secure Python web applications. As you work through the insightful code snippets and engaging examples, you’ll put security standards, best practices, and more into action. Along the way, you’ll get exposure to important libraries and tools in the Python ecosystem. Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. Security is a full-stack concern, encompassing user interfaces, APIs, web servers, network infrastructure, and everything in between. Master the powerful libraries, frameworks, and tools in the Python ecosystem and you can protect your systems top to bottom. Packed with realistic examples, lucid illustrations, and working code, this book shows you exactly how to secure Python-based web applications. teaches you everything you need to secure Python and Django-based web apps. In it, seasoned security pro Dennis Byrne demystifies complex security terms and algorithms. Starting with a clear review of cryptographic foundations, you’ll learn how to implement layers of defense, secure user authentication and third-party access, and protect your applications against common hacks. Encrypt, hash, and digitally sign data Protect against attacks such as clickjacking, cross-site scripting, and SQL injection For intermediate Python programmers. is a tech lead for 23andMe, where he protects the genetic data of more than 10 million customers. 1 Defense in depth PART 1 - CRYPTOGRAPHIC FOUNDATIONS 2 Hashing 3 Keyed hashing 4 Symmetric encryption 5 Asymmetric encryption 6 Transport Layer Security PART 2 - AUTHENTICATION AND AUTHORIZATION 7 HTTP session management 8 User authentication 9 User password management 10 Authorization 11 OAuth 2 PART 3 - ATTACK RESISTANCE 12 Working with the operating system 13 Never trust input 14 Cross-site scripting attacks 15 Content Security Policy 16 Cross-site request forgery 17 Cross-Origin Resource Sharing 18 Clickjacking