Sunday 28 February 2016

Thinking of writing a book called "Measuring Software Quality using Application Security"

This book will be based on the ideas I've been talking about in my "New Era of Software with modern Application Security" presentation.

The plan is to use my experience with Leanpub (where I have published 7 books), with the content being hosted on GitHub and published early and ofter.

I also want to use this book to capture and comment great analysis like this one where the authors says
So that's why I love software. It's not like modern art. You can't just keep spouting intellectual nonsense forever. At the end of the day, you have to translate your prescriptions into running code and that's when the bullshit meter activates. It may sound nice, but is the code better? If not, call bullshit.
What about the title?

I was debating between "Measuring Software Quality using Application Security" and "Using Application Security to define and measure Quality".

The 2nd one is what I used in the slides:

Update: The Git repo for this book is at and the book will be published at