Secure, Resilient, and Agile Software Development

Secure, Resilient, and Agile Software Development

Show other versions (2)

A collection of best practices and effective implementation recommendations that are proven to work, Secure, Resilient, and Agile Software Development leaves the boring details of software security theory out of the discussion as much as possible to concentrate on practical applied software security...

Full description

Bibliographic Details
Main Author: Merkow, Mark S
Format: Electronic Book
Language:English
Published: Milton : Auerbach Publishers, Incorporated, 2019
Subjects:
Agile software development
Computer software > Development
Méthodes agiles (Développement de logiciels)
LEADER 06799nam a2200625Mu 4500
001 b105b859-5f10-46b4-a6c7-dc0f7c58ff8e
005 20230616000000.0
008 191207s2019 xx o 000 0 eng d
019 |a 1152256163  |a 1274938819  |a 1289837013 
020 |a 1000041735 
020 |a 1000041751 
020 |a 1003025390 
020 |a 9781000041736 
020 |a 9781000041750 
020 |a 9781003025399 
020 |z 9780367332594 (hbk.)  |q (e-book) 
020 |z 9781000041743 (Mobipocket ebook) 
024 7 |a 10.1201/9781003025399  |2 doi 
035 |a (OCoLC)1303511131  |z (OCoLC)1152256163  |z (OCoLC)1274938819   |z (OCoLC)1289837013 
037 |a 9781000041750  |b Ingram Content Group 
037 |a 9781000041750  |b O'Reilly Media 
040 |a VHC  |b eng  |c VHC  |d OCLCO  |d NLW  |d UKAHL  |d OCLCF  |d ORMDA  |d OCLCQ 
049 |a MAIN 
050 4 |a QA76.76.D47  |b .M475 2020 
072 7 |a COM  |x 051230  |2 bisacsh 
072 7 |a COM  |x 051240  |2 bisacsh 
072 7 |a COM  |x 053000  |2 bisacsh 
072 7 |a UR  |2 bicssc 
082 0 4 |a 005.1  |2 23 
100 1 |a Merkow, Mark S 
245 1 0 |a Secure, Resilient, and Agile Software Development  |h [electronic resource] 
260 |a Milton :  |b Auerbach Publishers, Incorporated,  |c 2019 
300 |a 1 online resource (239 pages) 
336 |a text  |b txt  |2 rdacontent 
337 |a computer  |b c  |2 rdamedia 
338 |a online resource  |b cr  |2 rdacarrier 
500 |a 6.6.5 Discoverability 
500 |a Description based upon print version of record 
504 |a Includes bibliographical references and index 
505 0 |a Cover; Half Title; Title Page; Copyright Page; Trademarks Used in This Publication; Contents; Dedication; Preface; About the Author; Chapter 1: Today's Software Development Practices Shatter Old Security Practices; 1.1 Over the Waterfall; 1.2 What Is Agile?; 1.3 Shift Left!; 1.4 Principles First!; 1.5 Summary; References; Chapter 2: Deconstructing Agile and Scrum; 2.1 The Goals of Agile and Scrum; 2.2 Agile/Scrum Terminology; 2.3 Agile/Scrum Roles; 2.4 Unwinding Sprint Loops; 2.5 Development and Operations Teams Get Married; 2.6 Summary; References; Chapter 3: Learning Is FUNdamental! 
505 8 |a 3.1 Education Provides Context and Context Is Key3.2 Principles for Software Security Education; 3.3 Getting People's Attention; 3.4 Awareness versus Education; 3.5 Moving into the Education Phase; 3.6 Strategies for Rolling Out Training; 3.7 Encouraging Training Engagement and Completion; 3.8 Measuring Success; 3.9 Keeping the Drumbeat Alive; 3.10 Create and Mature a Security Champion Network; 3.11 A Checklist for Establishing a Software Security Education, Training, and Awareness Program; 3.12 Summary; References; Chapter 4: Product Backlog Development-Building Security In 
505 8 |a 4.1 Chapter Overview4.2 Functional versus Nonfunctional Requirements; 4.3 Testing NFRs; 4.4 Families of Nonfunctional Requirements; 4.4.1 Availability; 4.5 Capacity; 4.6 Efficiency; 4.7 Interoperability; 4.8 Manageability; 4.8.1 Cohesion; 4.8.2 Coupling; 4.9 Maintainability; 4.10 Performance; 4.11 Portability; 4.12 Privacy; 4.13 Recoverability; 4.14 Reliability; 4.15 Scalability; 4.16 Security; 4.17 Serviceability/Supportability; 4.18 Characteristics of Good Requirements; 4.19 Eliciting Nonfunctional Requirements; 4.20 NFRs as Acceptance Criteria and Definition of Done; 4.21 Summary 
505 8 |a 5.5.9 Practice 9: Don't Trust Services5.5.10 Practice 10: Establish Secure Defaults; 5.6 Mapping Best Practices to Nonfunctional Requirements (NFRs) as Acceptance Criteria; 5.7 Summary; References; Chapter 6: Security in the Design Sprint; 6.1 Chapter Overview; 6.2 Design Phase Recommendations; 6.3 Modeling Misuse Cases; 6.4 Conduct Security Design and Architecture Reviews in Design Sprint; 6.5 Perform Threat and Application Risk Modeling; 6.5.1 Brainstorming Threats; 6.6 Risk Analysis and Assessment; 6.6.1 Damage Potential; 6.6.2 Reproducibility; 6.6.3 Exploitability; 6.6.4 Affected Users 
506 1 |a Legal Deposit;  |c Only available on premises controlled by the deposit library and to one user at any one time;  |e The Legal Deposit Libraries (Non-Print Works) Regulations (UK)  |5 WlAbNL 
520 |a A collection of best practices and effective implementation recommendations that are proven to work, Secure, Resilient, and Agile Software Development leaves the boring details of software security theory out of the discussion as much as possible to concentrate on practical applied software security for practical people. Written to aid your career as well as your organization, the book shows how to gain skills in secure and resilient software development and related tasks. The book explains how to integrate these development skills into your daily duties, thereby increasing your professional value to your company, your management, your community, and your industry. Secure, Resilient, and Agile Software Development was written for the following professionals: AppSec architects and program managers in information security organizations Enterprise architecture teams with application development focus Scrum teams DevOps teams Product owners and their managers Project managers Application security auditors With a detailed look at Agile and Scrum software development methodologies, this book explains how security controls need to change in light of an entirely new paradigm on how software is developed. It focuses on ways to educate everyone who has a hand in any software development project with appropriate and practical skills to Build Security In. After covering foundational and fundamental principles for secure application design, this book dives into concepts, techniques, and design goals to meet well-understood acceptance criteria on features an application must implement. It also explains how the design sprint is adapted for proper consideration of security as well as defensive programming techniques. The book concludes with a look at white box application analysis and sprint-based activities to improve the security and quality of software under development 
588 |a Description based on print version record 
596 |a 22 
650 0 |a Agile software development 
650 0 |a Computer software  |x Development 
650 6 |a Méthodes agiles (Développement de logiciels) 
650 7 |a Agile software development  |2 fast 
650 7 |a Computer software  |x Development  |2 fast 
776 0 8 |i Print version:  |z 0367332590 
999 1 0 |i b105b859-5f10-46b4-a6c7-dc0f7c58ff8e  |l a14459860  |s US-CST  |m secure_resilient_and_agile_software_development_______________________elect2019_______auerba________________________________________merkow__mark_s_____________________e 
999 1 1 |l a14459860  |s ISIL:US-CST  |t BKS  |a SUL INTERNET  |b 14459860-1001  |c INTERNET RESOURCE  |d ASIS  |x SUL  |y 14459860-1001  |p UNLOANABLE 

Similar Items