Software Security: Building Security In
Beginning where the best-selling book Building Secure Software left off, Software Security teaches you how to put software security into practice.The software security best practices, or touchpoints, described in this book have their basis in good software engineering and involve explicitly pondering security throughout the software development lifecycle. This means knowing and understanding common risks (including implementation bugsand architectural flaws), designing for security, and subjecting all software artifacts to thorough, objective risk analyses and testing.Software Security is about putting the touchpoints to work for you. Because you can apply these touchpoints to the software artifacts you already produce as you develop software, you can adopt this book’s methods without radically changing the way you work. Inside you’ll find detailed explanations of:
- Risk management frameworks and processes
- Code review using static analysis tools
- Architectural risk analysis
- Penetration testing
- Security testing
In addition to the touchpoints, Software Security covers knowledge management, training and awareness, and enterprise-level software security programs.
Now that the world agrees that software security is central to computer security, it is time to put philosophy into practice. Create your own secure development lifecycle by enhancing your existing software development lifecycle with the touchpoints described in this book. Let this expert author show you how to build more secure software by building security in.
TABLE OF CONTENT:
Chapter 01 - Defining a Discipline
Chapter 02 - A Risk Management Framework
Chapter 03 - Introduction to Software Security Touchpoints
Chapter 04 - Code Review with a Tool
Chapter 05 - Architectural Risk Analysis
Chapter 06 - Software Penetration Testing
Chapter 07 - Risk-Based Security Testing
Chapter 08 - Abuse Cases
Chapter 09 - Software Security Meets Security Operations
Chapter 10 - An Enterprise Software Security Program
Chapter 11 - Knowledge for Software Security
Chapter 12 - A Taxonomy of Coding Errors
Chapter 13 - Annotated Bibliography and References
Appendix A - Fortify Source Code Analysis Suite Tutorial
Appendix B - ITS4 Rules
Appendix C - An Exercise in Risk Analysis: Smurfware
Appendix D - Glossary
Password: ganelon
Random Posts
- The Cathedral and the Bazaar: Musings on Linux and Open Source by an Accidental Revolutionary
- Software Project Management For Dummies
- SAS for Mixed Models 2nd Edition
- Ruby by Example Concepts and Code - No Starch Press
- Pro PayPal E-Commerce
- Sams Teach Yourself Programming with Java in 24 Hours 4th Edition
- Beginning SQL Server 2005 Administration (with source code)
- Tricks of the Microsoft Office 2007 - Paul McFedries
- Microsoft Access VBA Programming for the Absolute Beginner, Second Edition
- Dollars and Sense for Kids - Bodnar Janet
May 5th, 2007 18:50
Find not found. Please re-upload the file.