This book is written with a contemporary view on securing all types of software development practices or methodologies with in-depth, practical, and accessible advice. It is complete with successful secure, resilient, and agile software development practices that meet or exceed the demands of todayâ s increasingly digital world.
This book is written with a contemporary view on securing all types of software development practices or methodologies with in-depth, practical, and accessible advice. It is complete with successful secure, resilient, and agile software development practices that meet or exceed the demands of todayâ s increasingly digital world.Hinweis: Dieser Artikel kann nur an eine deutsche Lieferadresse ausgeliefert werden.
Mark S. Merkow, CISSP, CISM, CSSLP, works at WageWorks in Tempe, Arizona, leading application security architecture and engineering efforts in the office of the CISO. Mark has over 40 years of experience in IT in a variety of roles, including application development, systems analysis and design, security engineering, and security management. Mark holds a Master of Science in Decision and Information Systems from Arizona State University (ASU), a Master of Education in Distance Education from ASU, and a Bachelor of Science in Computer Information Systems from ASU. In addition to his day job, Mark engages in a number of extracurricular activities, including consulting, course development, online course instruction, and book writing. Mark has authored or co-authored 17 books on IT and has been a contributing editor to four others. Mark remains very active in the information security community, working in a variety of volunteer roles for the Phoenix Chapter of (ISC)2®, ISACA®, and OWASP. You can find Mark's LinkedIn® profile at: linkedin.com/in/markmerkow
Inhaltsangabe
Dedication Contents Preface About the Author Chapter 1: Today's Software Development Practices Shatter Old Security Practices Chapter 2: Deconstructing Agile and Scrum Chapter 3: Learning Is FUNdamental! Chapter 4: Product Backlog Development-Building Security In Chapter 5: Secure Design Considerations Chapter 6: Security in the Design Sprint Chapter 7: Defensive Programming Chapter 8: Testing Part 1: Static Code Analysis Chapter 9: Testing Part 2: Penetration Testing/Dynamic Analysis/IAST/RASP Chapter 10: Securing DevOps Chapter 11: Metrics and Models for AppSec Maturity Chapter 12: Frontiers for AppSec Chapter 13: AppSec Is a Marathon-Not a Sprint! Appendix A: Sample Acceptance Criteria for Security Controls Appendix B: Resources for AppSec Index
Dedication
Contents
Preface
About the Author
Chapter 1: Today's Software Development Practices Shatter Old Security Practices
Chapter 2: Deconstructing Agile and Scrum
Chapter 3: Learning Is FUNdamental!
Chapter 4: Product Backlog Development-Building Security In
Chapter 5: Secure Design Considerations
Chapter 6: Security in the Design Sprint
Chapter 7: Defensive Programming
Chapter 8: Testing Part 1: Static Code Analysis
Chapter 9: Testing Part 2: Penetration Testing/Dynamic Analysis/IAST/RASP
Chapter 10: Securing DevOps
Chapter 11: Metrics and Models for AppSec Maturity
Chapter 12: Frontiers for AppSec
Chapter 13: AppSec Is a Marathon-Not a Sprint!
Appendix A: Sample Acceptance Criteria for Security Controls
Dedication Contents Preface About the Author Chapter 1: Today's Software Development Practices Shatter Old Security Practices Chapter 2: Deconstructing Agile and Scrum Chapter 3: Learning Is FUNdamental! Chapter 4: Product Backlog Development-Building Security In Chapter 5: Secure Design Considerations Chapter 6: Security in the Design Sprint Chapter 7: Defensive Programming Chapter 8: Testing Part 1: Static Code Analysis Chapter 9: Testing Part 2: Penetration Testing/Dynamic Analysis/IAST/RASP Chapter 10: Securing DevOps Chapter 11: Metrics and Models for AppSec Maturity Chapter 12: Frontiers for AppSec Chapter 13: AppSec Is a Marathon-Not a Sprint! Appendix A: Sample Acceptance Criteria for Security Controls Appendix B: Resources for AppSec Index
Dedication
Contents
Preface
About the Author
Chapter 1: Today's Software Development Practices Shatter Old Security Practices
Chapter 2: Deconstructing Agile and Scrum
Chapter 3: Learning Is FUNdamental!
Chapter 4: Product Backlog Development-Building Security In
Chapter 5: Secure Design Considerations
Chapter 6: Security in the Design Sprint
Chapter 7: Defensive Programming
Chapter 8: Testing Part 1: Static Code Analysis
Chapter 9: Testing Part 2: Penetration Testing/Dynamic Analysis/IAST/RASP
Chapter 10: Securing DevOps
Chapter 11: Metrics and Models for AppSec Maturity
Chapter 12: Frontiers for AppSec
Chapter 13: AppSec Is a Marathon-Not a Sprint!
Appendix A: Sample Acceptance Criteria for Security Controls
Appendix B: Resources for AppSec
Index
Rezensionen
Modern software development breaks the old ways of security. This book is practical, actionable, relatable, and most importantly, current. It should be required reading for all Agile and DevOps teams.-Ed Adams, Chief Executive Officer, Security Innovation, Inc.
Es gelten unsere Allgemeinen Geschäftsbedingungen: www.buecher.de/agb
Impressum
www.buecher.de ist ein Internetauftritt der buecher.de internetstores GmbH
Geschäftsführung: Monica Sawhney | Roland Kölbl | Günter Hilger
Sitz der Gesellschaft: Batheyer Straße 115 - 117, 58099 Hagen
Postanschrift: Bürgermeister-Wegele-Str. 12, 86167 Augsburg
Amtsgericht Hagen HRB 13257
Steuernummer: 321/5800/1497
USt-IdNr: DE450055826
