
Publisher: Addison-Wesley Professional; 1 edition (May 11, 2008)
Julia H. Allen
Sean Barnum
Robert J. Ellison
Gary McGraw
Nancy R. Mead
Software that is developed from the beginning with security in mind will resist, tolerate, and recover from attacks more effectively than would otherwise be possible. While there may be no silver bullet for security, there are practices that project managers will find beneficial. With this management guide, you can select from a number of sound practices likely to increase the security and dependability of your software, both during its development and subsequently in its operation.
“This book’s broad overview can help an organization choose a set of processes, policies, and techniques that are appropriate for its security maturity, risk tolerance, and development style. This book will help you understand how to incorporate practical security techniques into all phases of the development lifecycle.”
–Steve Riley, senior security strategist, Microsoft Corporation
“There are books written on some of the topics addressed in this book, and there are other books on secure systems engineering. Few address the entire life cycle with a comprehensive overview and discussion of emerging trends and topics as well as this one.”
–Ronda Henning, senior scientist-software/security queen, Harris Corporation
Software Security Engineering draws extensively on the systematic approach developed for the Build Security In (BSI) Web site. Sponsored by the Department of Homeland Security Software Assurance Program, the BSI site offers a host of tools, guidelines, rules, principles, and other resources to help project managers address security issues in every phase of the software development life cycle (SDLC). The book’s expert authors, themselves frequent contributors to the BSI site, represent two well-known resources in the security world: the CERT Program at the Software Engineering Institute (SEI) and Cigital, Inc., a consulting firm specializing in software security.
This book will help you understand why:
Software security is about more than just eliminating vulnerabilities and conducting penetration tests
Network security mechanisms and IT infrastructure security services do not sufficiently protect application software from security risks
Software security initiatives should follow a risk-management approach to identify priorities and to define what is “good enough”–understanding that software security risks will change throughout the SDLC
Project managers and software engineers need to learn to think like an attacker in order to address the range of functions that software should not do, and how software can better resist, tolerate, and recover when under attack