The authors bring a "voice from the trenches" describing best practices for effective security development. This book is a must-read for product security practitioners, managers, and advocates for a safer cyber world. Its successful secure, resilient, and agile software development practices exceed the demands of today's digital world.
The authors bring a "voice from the trenches" describing best practices for effective security development. This book is a must-read for product security practitioners, managers, and advocates for a safer cyber world. Its successful secure, resilient, and agile software development practices exceed the demands of today's digital world.
Dr. James Ransome is the Chief Scientist for CyberPhos, an early-stage cybersecurity startup, and continues to do ad hoc consulting. He also serves on the Board of Directors for the Bay Area CSO Council. Most recently, Dr. Ransome was the Senior Director, Security Development Lifecycle (SDL) Engineering, in the Intel Product Security and Assurance, Governance and Operations (IPAS GO) Group, where he led and developed a team of SDL engineers, architects, and product security experts that implemented and drove security practices across all of Intel. Prior to that, he was the Senior Director of Product Security and PSIRT at Intel Security and McAfee, LLC. Over a six-year period, he built, managed, and enhanced a developer-centric, self-sustaining, and scalable software security program, with an extended team of 120 software security architects embedded in each product team. All of this was a result of implementing and enhancing the model described in his most recent book, Core Software Security: Security at the Source, which has become a standard reference for many corporate security leaders who are responsible for developing their own SDLs. Brook S. E. Schoenfield is the author of Secrets of a Cyber Security Architect, Securing Systems: Applied Security Architecture and Threat Models, and Chapter 9: Applying the SDL Framework to the Real World in Core Software Security: Security at the Source. He has been published by CRC Press, Auerbach, SANS Institute, Cisco, SAFECode, and the IEEE. Occasionally, he even posts to his security architecture blog, brookschoenfield.com.
Inhaltsangabe
Dedications. Contents. Foreword by Dr. David Brumley. Preface. Acknowledgments. About the Authors. 1. Setting the Stage. 2. Software Development Security Management in an Agile World. 3. A Generic Security Development Lifecycle (SDL). 4. Secure Design through Threat Modeling. 5. Enhancing Software Development Security Management in an Agile World. 6. Culture Hacking. Appendix A: The Generic Security Development Lifecycle. Index.
Dedications. Contents. Foreword by Dr. David Brumley. Preface. Acknowledgments. About the Authors. 1. Setting the Stage. 2. Software Development Security Management in an Agile World. 3. A Generic Security Development Lifecycle (SDL). 4. Secure Design through Threat Modeling. 5. Enhancing Software Development Security Management in an Agile World. 6. Culture Hacking. Appendix A: The Generic Security Development Lifecycle. Index.
Es gelten unsere Allgemeinen Geschäftsbedingungen: www.buecher.de/agb
Impressum
www.buecher.de ist ein Shop der buecher.de GmbH & Co. KG Bürgermeister-Wegele-Str. 12, 86167 Augsburg Amtsgericht Augsburg HRA 13309
