Your First Look with the Authors

Securing software in a world moving at the speed of DevOps is a monumental challenge. So we brought 29 security leaders together to take this challenge head-on and write a modern reference book to address it.

We have also built a vibrant community supporting this mission, designed to create awareness, share challenges, and promote best practices to inspire your security efforts.

The book will be shared as a free resource with all. Join our coauthors as they walk through the first 3 chapters of the book in this virtual forum.


We are experiencing a paradigm shift. Software has become ubiquitous. It’s hard to find a device or machine – or even a toy – that doesn’t have software in it. That means software security can no longer be an afterthought. It must be baked into every decision and every process.
Shaun Khalfan
SVP, CIO at Discover Financial Services
Chapter 1
Software security issues now threaten our economies and our safety. Sadly, there is no magic formula for securing software. Ensuring the security of software requires diligence, awareness and close scrutiny at every step of the software development process.
Cassie Crossley
Director of Product and Systems Security, Schneider Electric
Chapter 2
Security is and has always been an organizational discipline. Ultimately, the success of the security strategy depends significantly on the cooperation of many players and multiple teams.
Poornaprajna Udupi
CTO, Good Money, ex-Netflix Security
Chapter 3
Here’s the harsh truth: Billions of lines of new code are written every year. Each line represents a potential risk. When you add artificial intelligence and machine learning into the mix, the complexity of the security challenge expands to dangerous levels.
Nikhil Gupta
Founder and CEO, ArmorCode Inc
Chapter 1
Dynamic multi-cloud and agile methodologies force us to confront application security with a new mindset. We must track vulnerabilities, exposures and compliance. We need to pay close attention to open source software bills of materials, versions, assets, configuration drift, APIs, regulation compliance, end-of-life products, licenses, sensitive data, dependencies, supply chains, etc. – and remediate accordingly.
Les Correia
Global Head of Application Security, Estee Lauder
Chapter 1
I am pretty stoked for the launch of The Purple Book & Community. It has been a few months in the making and it was great to exchange insights and experiences with solid security folks. Thank you, team!
Poornaprajna Udupi
CTO, Good Money, ex-Netflix Security

Coauthors of the Purple Book