Fixing an insecure software life cycle : practical techniques for building security into existing software development programs /

In the race to remain competitive, development teams in many companies are under tremendous pressure to create software on tight deadlines. And in most cases, that means dealing with security bugs only after software is released. But offensive testing and incident response are poor substitutes for g...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Wright, April C. (Autor)
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Sebastopol, CA : O'Reilly Media, [2018]
Edición:First edition.
Temas:
Computer software > Development.
Computer networks > Security measures.
Réseaux d'ordinateurs > Sécurité > Mesures.
Computer networks > Security measures
Computer software > Development
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)
Descripción
Sumario:In the race to remain competitive, development teams in many companies are under tremendous pressure to create software on tight deadlines. And in most cases, that means dealing with security bugs only after software is released. But offensive testing and incident response are poor substitutes for good code, strong architecture, and threat-based design. In this ebook, April C. Wright--security risk and compliance program advisor for a Fortune 15 company--teaches InfoSec professionals how to promote security as an integral part of an organization's software development life cycle (SDLC). You'll learn how to analyze existing development processes, gain insight into how developers and other stakeholders view software development, receive practical advice for including secure practices throughout the lifecycle, and learn how to track performance and success of your program. Get guidelines for evaluating your SDLC and rebuilding your development program Understand how developers, project managers, business execs, customers, and other key stakeholders each approach software development Gain active stakeholder participation and management support for SDLC security improvements Work directly with stakeholders to explain secure development, and push for change through policy and compliance Increase software security awareness by integrating development teams with security teams Get started through sample checklists and planning documents.
Descripción Física:1 online resource (1 volume) : illustrations
Bibliografía:Includes bibliographical references.

Ejemplares similares