Stack-Specific Secure Engineering
Best use: start with the section map below, then move into the deeper pages that match your role or stack.
Design note: this index was refreshed to act as a cleaner GitBook landing page instead of a plain directory listing.
Start with these pages
| Page | Why open it first |
|---|---|
| 🛠️ Backend Service Security Guides by Stack | Cross-stack backend review summary. |
| 🟩 Node.js Server Security — Practical Guide and Review Map | Focused Node.js backend review guidance with runtime, dependency, session, and SSRF priorities. |
| ☕ Spring Boot and Spring Security — Practical Guide | Focused Spring Boot / Spring Security review guidance with filter-chain, method-security, and actuator priorities. |
| 📱 Frontend Framework and Mobile Backend Security Guides | Overview of client-facing stack concerns. |
| ✅ Stack-Specific Review Checklists and Release Criteria | Compact checklist-style release guide. |
| 💻 Code Vulnerability Examples and Fixes by Language | Training-style vulnerable/safer snippets with business-impact commentary by language. |
| 🧪 Secure Coding Review Labs and Language-Specific Checklists | Converts the example pages into facilitator-ready labs, exercises, and language checklists. |
Related sections
Intro: Generic secure-coding guidance is useful, but real reviews become sharper when they are adapted to the framework, runtime, and rendering model the team actually ships.
What this page includes
- stack-aware review guides by ecosystem
- release criteria and common mistakes by stack family
- practical prompts for code review and design review
- a reusable secure-coding lab pack for training, onboarding, and champion practice
- cross-links into frontend, API, and CI/CD sections
Section map
| Page | Why it belongs here |
|---|---|
| Backend Service Security Guides by Stack | Cross-stack backend review summary. |
| Frontend Framework and Mobile Backend Security Guides | Overview of client-facing stack concerns. |
| Stack-Specific Review Checklists and Release Criteria | Compact checklist-style release guide. |
| Node.js Server Security — Practical Guide and Review Map | Deep Node.js backend guidance with practical trust boundaries and starter snippets. |
| Node.js, Next.js, and React Security Review Guide | Adds stack-aware review prompts for JavaScript-heavy services and frontends. |
| Spring Boot and Spring Security — Practical Guide | Deep Spring Boot / Spring Security guidance with modern Boot-first review anchors. |
| Python, FastAPI, and Django Security Review Guide | Covers common Python framework security review themes. |
| Spring, ASP.NET, and Go Service Security Review Guide | Summarizes practical review prompts for mature backend stacks. |
| Stack-Specific Release Criteria and Common Mistakes | Turns stack observations into enforceable release gates. |
| 💻 Code Vulnerability Examples and Fixes by Language | Short training-style overview page for recurring code mistakes. |
| 🧪 Secure Coding Review Labs and Language-Specific Checklists | The training pack that turns the snippet pages into guided practice. |
Lab pack pages
- 🎓 Secure Coding Review Labs — Facilitator Guide
- ✅ Language-Specific Secure Coding Review Checklists
- 🧩 Secure Coding Review Lab Scenarios by Language
Language example pages
- 🐘 PHP Vulnerability Examples and Fixes
- 🐍 Python Vulnerability Examples and Fixes
- 🪙 Golang Vulnerability Examples and Fixes
- ☕ Java Vulnerability Examples and Fixes
- 🟨 JavaScript Vulnerability Examples and Fixes
- 🟦 TypeScript Vulnerability Examples and Fixes
- 🗄️ SQL Vulnerability Examples and Fixes
Practical use
Use this section when a team asks, “What should a security review focus on for our stack?” rather than when it needs generic secure-coding guidance.
Author attribution: Ivan Piskunov, 2026 - Educational and defensive-engineering use.