Secrets of a Cyber Security Architect
Autor Brook S. E. Schoenfielden Limba Engleză Hardback – 5 dec 2019
Cyber security is a big, messy, multivariate, multidimensional arena. A reasonable "defense-in-depth" requires many technologies; smart, highly skilled people; and deep and broad analysis, all of which must come together into some sort of functioning whole, which is often termed a security architecture. Secrets of a Cyber Security Architect is about security architecture in practice. Expert security architects have dozens of tricks of their trade in their kips. In this book, author Brook S. E. Schoenfield shares his tips and tricks, as well as myriad tried and true bits of wisdom that his colleagues have shared with him.
Creating and implementing a cyber security architecture can be hard, complex, and certainly frustrating work. This book is written to ease this pain and show how to express security requirements in ways that make the requirements more palatable and, thus, get them accomplished. It also explains how to surmount individual, team, and organizational resistance. The book covers:
- What security architecture is and the areas of expertise a security architect needs in practice
- The relationship between attack methods and the art of building cyber defenses
- Why to use attacks and how to derive a set of mitigations and defenses
- Approaches, tricks, and manipulations proven successful for practicing security architecture
- Starting, maturing, and running effective security architecture programs
- Secrets of the trade for the practicing security architecture
- Tricks to surmount typical problems
Toate formatele și edițiile | Preț | Express |
---|---|---|
Paperback (1) | 247.30 lei 6-8 săpt. | +57.65 lei 7-13 zile |
CRC Press – 21 ian 2023 | 247.30 lei 6-8 săpt. | +57.65 lei 7-13 zile |
Hardback (1) | 335.88 lei 6-8 săpt. | |
CRC Press – 5 dec 2019 | 335.88 lei 6-8 săpt. |
Preț: 335.88 lei
Preț vechi: 487.32 lei
-31% Nou
Puncte Express: 504
Preț estimativ în valută:
64.29€ • 67.00$ • 53.52£
64.29€ • 67.00$ • 53.52£
Carte tipărită la comandă
Livrare economică 04-18 ianuarie 25
Preluare comenzi: 021 569.72.76
Specificații
ISBN-13: 9781498741996
ISBN-10: 1498741991
Pagini: 250
Ilustrații: 30
Dimensiuni: 178 x 254 x 15 mm
Greutate: 0.51 kg
Ediția:1
Editura: CRC Press
Colecția Auerbach Publications
Locul publicării:Boca Raton, United States
ISBN-10: 1498741991
Pagini: 250
Ilustrații: 30
Dimensiuni: 178 x 254 x 15 mm
Greutate: 0.51 kg
Ediția:1
Editura: CRC Press
Colecția Auerbach Publications
Locul publicării:Boca Raton, United States
Public țintă
Professional Practice & DevelopmentCuprins
Introduction. What Is This Thing Called "Security Architecture"?. What Is Security Assessment. Architecture Risk Assessment. Threat Modeling. ATASM. Background knowledge: The Three S’s. Architecture. Threats. Attack Surfaces. Mitigations. Requirements. Security Architecture Programs. Secure Development Lifecycle. Tips and Tricks. Relationships Are (Almost) Everything. Know the Policies and Standards. Start With Context. Work Holistically. Assessment is Fractal and Recursive . Don’t Get Sidetracked By Presenting Problems. The Early Requirement Gets the Worm. Break the Kill Chain to Mitigate. Probability Can Be Reduced To Booleans. Becoming Part of a Team. We Are Not Cops. Playing a Long Game. Conflict Builds Trust. Give Risks to Decision Makers. Making Friends with Exceptions. Interjections and Release Scheduling. What to Do When Brought in Late. Transparency!. Post Threat Models. The Rule of the Most Sensitive. External to Internal? Build a mini-DMZ. Peer Review Rules. When Policies Make Sense, When They Don’t. Working with Eyeball-to-Eyeball Security. Measuring Success. Measuring Architect Performance.
Notă biografică
Brook S. E. Schoenfield is the author of Securing Systems: Applied Security Architecture and Threat Models and Chapter 9: Applying the SDL Framework to the Real World, in Core Software Security: Security at the Source. He has been published by CRC Press, SANS Institute, Cisco, SAFECode, and the IEEE. Occasionally, he even posts to his security architecture blog, brookschoenfield.com.
He is the Master Security Architect at a global cyber security consultancy, where he leads the company’s secure design services. He has held security architecture leadership positions at high-tech enterprises for nearly 20 years, at which he has trained and coached hundreds of people in their journey to becoming security architects. Several thousand people have taken his participatory threat modeling classes.
Brook has presented and taught at conferences such as RSA, BSIMM, OWASP, and SANS What Works Summits on subjects within security architecture, including threat models, DevOps security, information security risk, and other aspects of secure design and software security.
Brook lives in Montana’s Bitterroot Mountains. When he’s not thinking about, practicing, writing about, and speaking on secure design and software security, he can be found telemark skiing, hiking, and fly fishing in his beloved mountains, exploring new cooking techniques, or playing various genres of guitar—from jazz to percussive fingerstyle.
He is the Master Security Architect at a global cyber security consultancy, where he leads the company’s secure design services. He has held security architecture leadership positions at high-tech enterprises for nearly 20 years, at which he has trained and coached hundreds of people in their journey to becoming security architects. Several thousand people have taken his participatory threat modeling classes.
Brook has presented and taught at conferences such as RSA, BSIMM, OWASP, and SANS What Works Summits on subjects within security architecture, including threat models, DevOps security, information security risk, and other aspects of secure design and software security.
Brook lives in Montana’s Bitterroot Mountains. When he’s not thinking about, practicing, writing about, and speaking on secure design and software security, he can be found telemark skiing, hiking, and fly fishing in his beloved mountains, exploring new cooking techniques, or playing various genres of guitar—from jazz to percussive fingerstyle.
Descriere
This book is filled with techniques, tips, and tricks that secure software architects and developers can apply directly. From assessing the sensitivity of data in a system through actually getting requirements implemented, this book offers readers practical, how-to advice in small, focused and directly applicable gems of insight, knowledge, and wisdom from secure software principal architect Brook S.E. Schoenfield. The book is organized by applicability of topics that include getting security architecture started, helping architects be effective, working with partner teams, assessing systems, driving security requirements to completion, and programmatic hints.