Agile Security
Addison Wesley (Verlag)
978-0-13-444820-6 (ISBN)
Neher starts with a key truth: the challenge of modern software security now belongs to the entire team, not just security engineers or information assurance professionals. Drawing on immense personal experience, Neher shows how to imbue agile teams with a security mindset, change what they need to change, and embed fully agile approaches to security throughout all they do.
Throughout, she introduces proven practices, measures, and tools -- including powerful “Abuser Stories” which adapt the familiar “user stories” approach to help teams understand exactly who and what they’re up against.
Part I: Getting Started
1. Why Read This Book?
2. A Brief History of Security Practices
3. An Agile Overview
4. Security Requirements
5. The Definition of Done and Its Role in Security-Driven Agile Development
6. An Introduction to Abuser Stories. Thinking Like the Bad Guy
7. Writing Abuser Stories
8. Abuser Roles
9. Gathering Abuser Stories
10. Roles and Responsibilities. Who Writes What?
11. Refutation Criteria and Acceptable Risk
12. Writing Good Abuser Stories
Part II: Estimating and Planning
13. Ranking Abuser Stories on the Product Backlog
14. Estimating Abuser Stories
15. Planning an Iteration with a Security-Driven Mindset
16. Planning a Release with a Security-Driven Mindset
Part III: Frequently Asked Questions
Part IV: An Example
Part V: Appendices
| Erscheinungsdatum | 02.05.2018 |
|---|---|
| Verlagsort | Boston |
| Sprache | englisch |
| Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
| Informatik ► Software Entwicklung ► Agile Software Entwicklung | |
| ISBN-10 | 0-13-444820-0 / 0134448200 |
| ISBN-13 | 978-0-13-444820-6 / 9780134448206 |
| Zustand | Neuware |
| Haben Sie eine Frage zum Produkt? |
aus dem Bereich
