Practical Core Software Security: A Reference Framework
Autor James F. Ransome, Anmol Misra, Mark S. Merkowen Limba Engleză Paperback – 2 aug 2022
The text outlines a step-by-step process for software security that is relevant to today’s technical, operational, business, and development environments. It focuses on what humans can do to control and manage a secure software development process using best practices and metrics. Although security issues will always exist, students learn how to maximize an organization’s ability to minimize vulnerabilities in software products before they are released or deployed by building security into the development process.
The authors have worked with Fortune 500 companies and have often seen examples of the breakdown of security development lifecycle (SDL) practices. The text takes an experience-based approach to apply components of the best available SDL models in dealing with the problems described above. Software security best practices, an SDL model, and framework are presented in this book. Starting with an overview of the SDL, the text outlines a model for mapping SDL best practices to the software development life cycle (SDLC). It explains how to use this model to build and manage a mature SDL program. Exercises and an in-depth case study aid students in mastering the SDL model.
Professionals skilled in secure software development and related tasks are in tremendous demand today. The industry continues to experience exponential demand that should continue to grow for the foreseeable future. This book can benefit professionals as much as students. As they integrate the book’s ideas into their software security practices, their value increases to their organizations, management teams, community, and industry.
| Toate formatele și edițiile | Preț | Express |
|---|---|---|
| Paperback (1) | 493.52 lei 3-5 săpt. | +21.97 lei 4-10 zile |
| CRC Press – 2 aug 2022 | 493.52 lei 3-5 săpt. | +21.97 lei 4-10 zile |
| Hardback (1) | 1395.57 lei 6-8 săpt. | |
| CRC Press – 2 aug 2022 | 1395.57 lei 6-8 săpt. |
Preț: 493.52 lei
Preț vechi: 616.90 lei
-20% Nou
Puncte Express: 740
Preț estimativ în valută:
94.45€ • 98.24$ • 77.97£
94.45€ • 98.24$ • 77.97£
Carte disponibilă
Livrare economică 24 martie-07 aprilie
Livrare express 07-13 martie pentru 31.96 lei
Preluare comenzi: 021 569.72.76
Specificații
ISBN-13: 9781032276038
ISBN-10: 1032276037
Pagini: 286
Ilustrații: 14 Tables, black and white; 49 Halftones, black and white; 49 Illustrations, black and white
Dimensiuni: 178 x 254 x 25 mm
Greutate: 0.54 kg
Ediția:1
Editura: CRC Press
Colecția Auerbach Publications
ISBN-10: 1032276037
Pagini: 286
Ilustrații: 14 Tables, black and white; 49 Halftones, black and white; 49 Illustrations, black and white
Dimensiuni: 178 x 254 x 25 mm
Greutate: 0.54 kg
Ediția:1
Editura: CRC Press
Colecția Auerbach Publications
Cuprins
1. Introduction 2. The Security Development Lifecycle 3. Security Assessment (A1): SDL Activities and Best Practices 4. Architecture (A2): SDL Activities and Best Practices 5. Design and Development (A3): SDL Activities and Best Practices 6. Design and Development (A4): SDL Activities and Best Practices 7. Ship (A5): SDL Activities and Best Practices 8. Post-Release Support (PRSA1–5) 9. Adapting Our Reference Framework to Your Environment A. Case Study for Chapters 3 Through 8 Exercises B. Answers to Quick-Check Questions
Notă biografică
James Ransome, PhD, CISSP, CISM is the Chief Scientist for CYBERPHOS, an early-stage cybersecurity startup. He is also a member of the board of directors for the Bay Area Chief Security Officer Council. Most recently, James was the Senior Director of Security Development Lifecycle Engineering for Intel’s Product Assurance and Security (IPAS). In that capacity, he led a team of SDL engineers, architects, and product security experts to drive and implement security practices across the company. Prior to that, James was the Senior Director of Product Security and PSIRT at Intel Security (formerly McAfee).
Anmol Misra is an accomplished leader, researcher, author, and security expert, with over 16 years of experience in technology and cybersecurity. His engineering, security, and consulting background makes him uniquely suited to drive the adoption of disruptive technologies. He is a team builder focused on mentoring and nurturing high-potential leaders, fostering excellence, and building industry partnerships. He is known for his pragmatic approach to security.
Mark S. Merkow, CISSP, CISM, CSSLP has over 25 years of experience in corporate information security and 17 years in the AppSec space helping to establish and lead application security initiatives to success and sustainment. Mark is a faculty member at the University of Denver, where he works developing and instructing online courses in topics across the Information Security spectrum, with a focus on secure software development. He also works as an advisor to the University of Denver’s Information and Computing Technology Curriculum Team for new course development and changes to the curriculum and for Strayer University as an advisor to the undergraduate and graduate programs in information security.
Anmol Misra is an accomplished leader, researcher, author, and security expert, with over 16 years of experience in technology and cybersecurity. His engineering, security, and consulting background makes him uniquely suited to drive the adoption of disruptive technologies. He is a team builder focused on mentoring and nurturing high-potential leaders, fostering excellence, and building industry partnerships. He is known for his pragmatic approach to security.
Mark S. Merkow, CISSP, CISM, CSSLP has over 25 years of experience in corporate information security and 17 years in the AppSec space helping to establish and lead application security initiatives to success and sustainment. Mark is a faculty member at the University of Denver, where he works developing and instructing online courses in topics across the Information Security spectrum, with a focus on secure software development. He also works as an advisor to the University of Denver’s Information and Computing Technology Curriculum Team for new course development and changes to the curriculum and for Strayer University as an advisor to the undergraduate and graduate programs in information security.
Descriere
This textbook explains developer-centric software security, a holistic process to engage security. As long as software is developed by humans, it requires the human element to fix it. It outlines a step-by-step process for software security that is focused on educating graduate and undergraduate students.