“The common mistake that many developers do is that they more or less dump inputs blindly.”
— Daniel Deogun
The Authors
Dan Bergh Johnsson is a co-founder of the Öredev Conference and a long-time consultant who has dedicated much of his career to the intersection of domain-driven design and software security. His focus is on showing how sound design principles can naturally lead to safer systems without forcing developers into a purely defensive mindset.
Daniel Deogun brings his background as a senior developer and security expert, with years of experience in Java, distributed systems, and performance-critical applications. He is passionate about helping teams understand how secure coding can be an organic part of clean, testable, and maintainable code, rather than an afterthought.
Daniel Sawano complements this with his expertise in system integration, large-scale enterprise development, and mission-critical applications. His work emphasizes pragmatic approaches to applying domain-driven design and security principles in real-world projects, where both reliability and robustness are non-negotiable.
Together, the three authors combine their deep knowledge of software architecture, domain modeling, and application security to advocate a simple but powerful idea: that by embracing good design practices, developers can create systems that are inherently more secure.
The Book
Secure by Design is a practical guide that shows how good software design naturally leads to more secure systems. Instead of treating security as a separate checklist or an afterthought, the authors—Dan Bergh Johnsson, Daniel Deogun, and Daniel Sawano—demonstrate how techniques like domain-driven design, immutability, strong typing, and clear boundaries can make code both easier to maintain and harder to exploit.
The book blends real-world examples with design principles, emphasizing that many vulnerabilities arise not from obscure attacks but from poor modeling and careless handling of data. By introducing concepts such as domain primitives, valid-by-construction objects, and layered validation, the authors show how to prevent whole classes of bugs before they even occur.
At its core, the message of the book is simple: secure systems are the natural outcome of well-designed systems. When developers focus on clarity, correctness, and robustness in their code, they also reduce the attack surface and strengthen security by default.
What I liked
The book doesn’t just list security principles; it shows concrete design techniques you can apply in everyday code.
Instead of teaching you how to detect or patch vulnerabilities later, it shows you how to design systems so those vulnerabilities don’t appear in the first place
Many developers see design and security as separate concerns; the book elegantly unifies them, showing that good design is good security.
While tools and frameworks come and go, the patterns in this book (immutability, strong types, clear boundaries) remain relevant across languages and platforms.
What I disliked
Although clear overall, some sections are text-heavy and could benefit from more diagrams, summaries, or visuals.
The authors revisit “domain primitives” and “valid-by-construction” multiple times; some readers feel it gets repetitive.
What to expect?
You’ll learn to think of security as a natural outcome of good design rather than a separate concern or a checklist at the end.
Many examples come from enterprise-grade, business-critical applications, making the content grounded in reality.
Rather than “patching holes,” the authors show how to build systems where common classes of vulnerabilities simply don’t arise.
Conclusion
Secure by Design stands out because it reframes the way developers and architects think about software security. Instead of treating security as a checklist of defenses to apply after the fact, the authors argue persuasively that it should flow naturally from how we model and build our systems. By showing how practices like domain-driven design, immutability, strong typing, and valid-by-construction objects can lead to safer systems, they connect two disciplines—software design and security—that are too often seen as separate. The result is a book that feels just as much about writing better software as it is about defending against attacks.
One of the book’s strongest contributions is its practicality. The techniques are illustrated with clear examples, mostly in Java, that show exactly how to prevent vulnerabilities from appearing in the first place. Concepts like layered input validation (origin, size, lexical, syntax, semantics) and domain primitives are simple but powerful, and they have value far beyond the realm of security. They encourage developers to write code that is easier to test, reason about, and maintain, while also reducing the attack surface. This dual benefit—improving both quality and security—is what makes the book especially relevant for modern software teams.
Of course, readers should be prepared for the book’s focus and scope. It is aimed more at developers and architects building enterprise-style applications than at penetration testers or operations teams. It does not attempt to catalog specific exploits or provide step-by-step instructions for hardening systems against every possible threat. Instead, it focuses on the structural aspects of building systems that are inherently safer, which makes the lessons timeless and transferable across languages and frameworks.
In the end, the book’s conclusion can be summed up in a single idea: secure systems are not bolted on—they are designed from the start. By adopting the practices described in Secure by Design, developers can move away from firefighting vulnerabilities and toward building software where many common classes of bugs and attacks simply cannot occur. For any team that wants to build robust, maintainable, and trustworthy software, this book offers both a compelling philosophy and a practical path forward.