Brook S. E. Schoenfield
Secrets of a Cyber Security Architect
- Paperback
This book is filled with techniques, tips, and tricks that secure software architects and developers can apply directly. From assessing the sensitivity of data in a system through actually getting requirements implemented, this book offers readers practical, how-to advice in small, focused and directly applicable gems of insight, knowledge, and
Other customers were also interested in
- Peter Yaworski: Real-World Bug Hunting, 35,99 €
- James Ransome (Senior Director, Product Security, McAfee - An Intel …): Building in Security at Agile Speed, 68,99 €
- James F. Ransome: Practical Core Software Security, 68,99 €
- AI-Based Metaheuristics for Information Security and Digital Media, 104,99 €
- Abu Sayed Mahfuz: Software Quality Assurance, 36,99 €
- Brook S. E. Schoenfield: Securing Systems, 71,99 €
- Nicholas Sherwood: Enterprise Security Architecture, 69,99 €
Note: This item can only be delivered to a German delivery address.
Product details
- Publisher: Taylor & Francis Ltd
- Number of pages: 252
- Publication date: 21 January 2023
- Language: English
- Dimensions: 254mm x 178mm x 14mm
- Weight: 484g
- ISBN-13: 9781032475028
- ISBN-10: 1032475021
- Item no.: 70254499
- Manufacturer information
- Books on Demand GmbH
- In de Tarpen 42
- 22848 Norderstedt
- info@bod.de
- 040 53433511
Brook S. E. Schoenfield is the author of Securing Systems: Applied Security Architecture and Threat Models and Chapter 9: Applying the SDL Framework to the Real World, in Core Software Security: Security at the Source. He has been published by CRC Press, SANS Institute, Cisco, SAFECode, and the IEEE. Occasionally, he even posts to his security architecture blog, brookschoenfield.com. He is the Master Security Architect at a global cyber security consultancy, where he leads the company's secure design services. He has held security architecture leadership positions at high-tech enterprises for nearly 20 years, at which he has trained and coached hundreds of people in their journey to becoming security architects. Several thousand people have taken his participatory threat modeling classes. Brook has presented and taught at conferences such as RSA, BSIMM, OWASP, and SANS What Works Summits on subjects within security architecture, including threat models, DevOps security, information security risk, and other aspects of secure design and software security. Brook lives in Montana's Bitterroot Mountains. When he's not thinking about, practicing, writing about, and speaking on secure design and software security, he can be found telemark skiing, hiking, and fly fishing in his beloved mountains, exploring new cooking techniques, or playing various genres of guitar, from jazz to percussive fingerstyle.
Introduction. What Is This Thing Called "Security Architecture"? What Is
Security Assessment. Architecture Risk Assessment. Threat Modeling. ATASM.
Background knowledge: The Three S's. Architecture. Threats. Attack
Surfaces. Mitigations. Requirements. Security Architecture Programs.
Secure Development Lifecycle. Tips and Tricks. Relationships Are (Almost)
Everything. Know the Policies and Standards. Start With Context. Work
Holistically. Assessment is Fractal and Recursive. Don't Get Sidetracked
By Presenting Problems. The Early Requirement Gets the Worm. Break the Kill
Chain to Mitigate. Probability Can Be Reduced To Booleans. Becoming Part of
a Team. We Are Not Cops. Playing a Long Game. Conflict Builds Trust. Give
Risks to Decision Makers. Making Friends with Exceptions. Interjections and
Release Scheduling. What to Do When Brought in Late. Transparency! Post
Threat Models. The Rule of the Most Sensitive. External to Internal? Build
a mini-DMZ. Peer Review Rules. When Policies Make Sense, When They Don't.
Working with Eyeball-to-Eyeball Security. Measuring Success. Measuring
Architect Performance.