In 2020, I started working on a project that always seemed very necessary to me: a book about security for developers. The original repository and the first ideas can be found here: fguisso/seguranca-para-desenvolvedores
The initial inspiration came somewhat from the path followed by other authors, such as Gomex, who created the excellent book “Docker for Developers”. I also consulted some friends along the way, such as Roz, Vrech, and Lucas Santos. Lucas, by the way, is an author I admire a lot and has an amazing book dedicated to Kubernetes: book-kubernetes
At the beginning, my idea was quite clear: to teach developers how to code better and to absorb the mindset of secure development. I believe this is the only way to advance the security maturity of the market: incorporating security into the day-to-day workflow so that it is not just another task on the project’s to-do list, but something natural, just like many developers today already perform unit and integration tests to ensure code quality.
I am still gathering information and trying to better define the book’s format, but throughout 2024, as I started writing more on my blog, I realized that some posts could easily be turned into book chapters. This motivated me even more to continue with this idea.
Since I already write everything in Markdown and generate the blog using Hugo, the idea now is to develop the book within the blog, in an open source manner, keeping everything open so that friends and others can collaborate. Perhaps, by the end of 2025, I will take the content to a publisher for production, but if that doesn’t work out, at least we will have good material documented on the blog.
At this moment, I am gathering more feedback and suggestions from the community. I created a form to understand what readers expect from this book, and in the coming months, I hope to gather enough data to start 2025 with a solid foundation to define the direction of this project. If you would like to participate, the form link is: typeform
To make reading on the blog easier, I am developing a page dedicated to these posts that will be part of the book, allowing for a more fluid reading experience on the web. I am using Hugo templates to create this feature, and it is looking great — it will be available soon.
Thinking about future projects, I am considering writing two more books. One would be about threat modeling, as I have been studying and applying an interesting methodology in my work. The other would be something similar to “Hack Tricks”: a handbook with several deep and interesting articles to have at hand in daily life. Stay tuned for more news!
Thank you to everyone who has followed and supported this project. With the help of the community, I believe we can create material that truly makes a difference for those developing software with a focus on security.