Security Software Development de CISSP, Douglas A. Ashbaugh

Security Software Development: Assessing and Managing Security Risks

CISSP, Douglas A. Ashbaugh

Threats to application security continue to evolve just as quickly as the systems that protect against cyber-threats. In many instances, traditional firewalls and other conventional controls can no longer get the job done. The latest line of defense is to build security features into software as it is being developed.

Drawing from the author’s extensive experience as a developer, Secure Software Development: Assessing and Managing Security Risks illustrates how software application security can be best, and most cost-effectively, achieved when developers monitor and regulate risks early on, integrating assessment and management into the development life cycle. This book identifies the two primary reasons for inadequate security safeguards: Development teams are not sufficiently trained to identify risks; and developers falsely believe that pre-existing perimeter security controls are adequate to protect newer software. Examining current trends, as well as problems that have plagued software security for more than a decade, this useful guide:

Outlines and compares various techniques to assess, identify, and manage security risks and vulnerabilities, with step-by-step instruction on how to execute each approach

Explains the fundamental terms related to the security process

Elaborates on the pros and cons of each method, phase by phase, to help readers select the one that best suits their needs

Despite decades of extraordinary growth in software development, many open-source, government, regulatory, and industry organizations have been slow to adopt new application safety controls, hesitant to take on the added expense. This book improves understanding of the security environment and the need for safety measures. It shows readers how to analyze relevant threats to their applications and then implement time- and money-saving techniques

Citește tot Restrânge

Toate formatele și edițiile

	Preț	Express
Paperback (1)	446^.82 lei 6-8 săpt.
CRC Press – 5 sep 2019	446^.82 lei 6-8 săpt.
Hardback (1)	675^.50 lei 3-5 săpt.	+29^.51 lei 6-12 zile
CRC Press – 23 oct 2008	675^.50 lei 3-5 săpt.	+29^.51 lei 6-12 zile

Cuprins

Current trends in application security. Risk assessment methodologies. Identifying threats. Identification of Vulnerabilities. Identification of Assets. Analyzing Risks. Managing Risks. Looking at risk assessment and risk management within the phases of the software development life cycle. Maintaining a risk assessment and risk management process.

Descriere

Examining current trends and problems that have plagued application development for more than a decade, this book provides a foundation for security risk assessment and management during software development. It demonstrates how to achieve greater application security through assessing and managing risk throughout the entire software development life cycle using a test case based on the author’s personal experience in software development. The book covers methods used to assess risk, discussing the pros and cons of each method. Readers are then guided through each step of the process. The book concludes with discussions of how to sustain a risk assessment and risk management process within an organization.