Basically, I didn't take any security-adjacent classes in school, and never had to consider these things for my previous work. I've heard about things like web cache poisoning but never thought closely about them. Is there a good place for me to get a primer?
https://web.stanford.edu/class/cs253/ by @feross
If you're into dead tree formats, I suggest this book: https://www.cl.cam.ac.uk/~rja14/book.html It's big but covers a lot of things and is pretty accessible.
I’ve scanned this and have it in my reading list: https://github.com/veeral-patel/how-to-secure-anything I’ve been working with a very competent security team for several years and there were a lot of familiar terms and techniques.
Good course for web developers: https://www.pluralsight.com/courses/hack-yourself-first