Processing ......
FreeComputerBooks.com
Links to Free Computer, Mathematics, Technical Books all over the World
 
The Security Development Lifecycle: A Process for Developing Demonstrably More Secure Software
News, News, News - the one place to read news all over the world. Mobile App too.
  • Title: The Security Development Lifecycle: A Process for Developing Demonstrably More Secure Software
  • Author(s) Michael Howard, Steve Lipner
  • Publisher: Microsoft Press; 1 edition (June 28, 2006)
  • Paperback: 352 Pages
  • eBook: PDF (348 pages, 20.52 MB)
  • Language: English
  • ISBN-10: 0735622140
  • ISBN-13: 978-0735622142
  • Share This:  

Book Description

Your customers demand and deserve better security and privacy in their software. This book is the first to detail a rigorous, proven methodology that measurably minimizes security bugs—the Security Development Lifecycle (SDL). In this long-awaited book, security experts Michael Howard and Steve Lipner from the Microsoft Security Engineering Team guide you through each stage of the SDL—from education and design to testing and post-release. You get their first-hand insights, best practices, a practical history of the SDL, and lessons to help you implement the SDL in any development organization.

Discover how to:

  • Use a streamlined risk-analysis process to find security design issues before code is committed
  • Apply secure-coding best practices and a proven testing process
  • Conduct a final security review before a product ships
  • Arm customers with prescriptive guidance to configure and deploy your product more securely
  • Establish a plan to respond to new security vulnerabilities
  • Integrate security discipline into agile methods and processes, such as Extreme Programming and Scrum
About the Authors
  • Michael Howard, CISSP, is a leading security expert. He is a senior security program manager at Microsoft® and has worked on Windows security since 1992 and now focuses on secure design, programming, and testing techniques.
  • Steve Lipner, CISSP, is the senior director of Security Engineering Strategy for Microsoft. He is responsible for defining and updating the Security Development Lifecycle and has pioneered numerous security techniques.
Reviews, Ratings, and Recommendations: Related Book Categories: Read and Download Links: Similar Books:
  • Security of Ubiquitous Computing Systems (Gildas Avoine, et al)

    It is to improve and adapt existent cryptanalysis methodologies and tools to the ubiquitous computing framework that lies along four axes: cryptographic models, cryptanalysis of building blocks, security engineering, and security assessment.

  • Security Concepts (Subspacefield)

    This is a book about computer, network, technical, physical, information and cryptographic security, illustrated with interesting and entertaining examples. It is not intended to be an introductory text, although a beginner could gain something from it.

  • Rational Cybersecurity for Business (Daniel Blum)

    This open access book presents six priority areas to focus on to maximize the effectiveness of your cybersecurity program: risk management, control baseline, security culture, IT rationalization, access control, and cyber-resilience.

  • Security Engineering: Building Dependable Distributed Systems

    It makes it clear just how difficult it is to protect information systems from corruption, eavesdropping, unauthorized use, and general malice, offers a lot of thoughts on how information can be made more secure by both technologies and strategies.

  • Web Application Security: Exploitation and Countermeasures

    This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply. It introduces three pillars of web application security: recon, offense, and defense.

  • Demystifying Internet of Things Security (Sunil Cheruvu, et al)

    This open access book reviews the threat pyramid, secure boot, chain of trust, and the SW stack leading up to defense-in-depth. It provides clarity to industry professionals and provides and overview of different security solutions.

Book Categories
:
Other Categories
Resources and Links