Go programming language secure coding practices guide
Go HTML

README.md

The GitBook version of this book, for easy online reading, can be found here: https://checkmarx.gitbooks.io/go-scp

The book can be downloaded in PDF, Mobi and ePub formats here: https://www.gitbook.com/book/checkmarx/go-scp

Introduction

Go Language - Web Application Secure Coding Practices is a guide written for anyone who is using the Go Programming Language and aims to use it for web development.

This book is collaborative effort of Checkmarx Security Research Team and it follows the OWASP Secure Coding Practices - Quick Reference Guide v2 (stable) release.

The main goal of this book is to help developers avoid common mistakes while at the same time, learning a new programming language through a "hands-on approach". This book provides a good level of detail on "how to do it securely" showing what kind of security problems could arise during development.

About Checkmarx

Checkmarx is an Application Security software company, whose mission is to provide enterprise organizations with application security testing products and services that empower developers to deliver secure applications. Amongst the company's 1,000 customers are five of the world's top 10 software vendors, four of the top American banks, and many Fortune 500 and government organizations, including SAP, Samsung and Salesforce.com.

For more information about Checkmarx, visit checkmarx.com or follow us on Twitter: @checkmarx

About OWASP Secure Coding Practices

This book was adapted for Go Language from The Secure Coding Practices Quick Reference Guide, an OWASP - Open Web Application Security Project. It is a "technology agnostic set of general software security coding practices, in a comprehensive checklist format, that can be integrated into the development lifecycle" (source).

OWASP itself is "an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security" (source).

How To Contribute

This book was created using a few open source tools. If you're curious about how we built it from scratch, read the How To contribute section.

License

This document is released under the Creative Commons Attribution-ShareAlike 4.0 International license (CC BY-SA 4.0). For any reuse or distribution, you must make clear to others the license terms of this work. https://creativecommons.org/licenses/by-sa/4.0/