Building in Security at Agile Speed - James Ransome, Brook Schoenfield

Building in Security at Agile Speed

Buch | Softcover
326 Seiten
2023
Auerbach (Verlag)
978-1-032-01005-2 (ISBN)
56,10 inkl. MwSt
The authors bring a “voice from the trenches” describing best practices for effective security development. This book is a must-read for product security practitioners, managers, and advocates for a safer cyber world. Its successful secure, resilient, and agile software development practices exceed the demands of today’s digital world.
Today's high-speed and rapidly changing development environments demand equally high-speed security practices. Still, achieving security remains a human endeavor, a core part of designing, generating and verifying software. Dr. James Ransome and Brook S.E. Schoenfield have built upon their previous works to explain that security starts with people; ultimately, humans generate software security. People collectively act through a particular and distinct set of methodologies, processes, and technologies that the authors have brought together into a newly designed, holistic, generic software development lifecycle facilitating software security at Agile, DevOps speed.

—Eric. S. Yuan, Founder and CEO, Zoom Video Communications, Inc.

It is essential that we embrace a mantra that ensures security is baked in throughout any development process. Ransome and Schoenfield leverage their abundance of experience and knowledge to clearly define why and how we need to build this new model around an understanding that the human element is the ultimate key to success.

—Jennifer Sunshine Steffens, CEO of IOActive

Both practical and strategic, Building in Security at Agile Speed is an invaluable resource for change leaders committed to building secure software solutions in a world characterized by increasing threats and uncertainty. Ransome and Schoenfield brilliantly demonstrate why creating robust software is a result of not only technical, but deeply human elements of agile ways of working.

—Jorgen Hesselberg, author of Unlocking Agility and Cofounder of Comparative Agility

The proliferation of open source components and distributed software services makes the principles detailed in Building in Security at Agile Speed more relevant than ever. Incorporating the principles and detailed guidance in this book into your SDLC is a must for all software developers and IT organizations. —George K Tsantes, CEO of Cyberphos, former partner at Accenture and Principal at EY

Detailing the people, processes, and technical aspects of software security, Building in Security at Agile Speed emphasizes that the people element remains critical because software is developed, managed, and exploited by humans. This book presents a step-by-step process for software security that uses today’s technology, operational, business, and development methods with a focus on best practice, proven activities, processes, tools, and metrics for any size or type of organization and development practice.

Dr. James Ransome is the Chief Scientist for CyberPhos, an early-stage cybersecurity startup, and continues to do ad hoc consulting. He also serves on the Board of Directors for the Bay Area CSO Council. Most recently, Dr. Ransome was the Senior Director, Security Development Lifecycle (SDL) Engineering, in the Intel Product Security and Assurance, Governance and Operations (IPAS GO) Group, where he led and developed a team of SDL engineers, architects, and product security experts that implemented and drove security practices across all of Intel. Prior to that, he was the Senior Director of Product Security and PSIRT at Intel Security and McAfee, LLC. Over a six-year period, he built, managed, and enhanced a developer-centric, self-sustaining, and scalable software security program, with an extended team of 120 software security architects embedded in each product team. All of this was a result of implementing and enhancing the model described in his most recent book, Core Software Security: Security at the Source, which has become a standard reference for many corporate security leaders who are responsible for developing their own SDLs. Brook S. E. Schoenfield is the author of Secrets of a Cyber Security Architect, Securing Systems: Applied Security Architecture and Threat Models, and Chapter 9: Applying the SDL Framework to the Real World in Core Software Security: Security at the Source. He has been published by CRC Press, Auerbach, SANS Institute, Cisco, SAFECode, and the IEEE. Occasionally, he even posts to his security architecture blog, brookschoenfield.com.

Dedications. Contents. Foreword by Dr. David Brumley. Preface. Acknowledgments. About the Authors. 1. Setting the Stage. 2. Software Development Security Management in an Agile World. 3. A Generic Security Development Lifecycle (SDL). 4. Secure Design through Threat Modeling. 5. Enhancing Software Development Security Management in an Agile World. 6. Culture Hacking. Appendix A: The Generic Security Development Lifecycle. Index.

Erscheinungsdatum
Verlagsort London
Sprache englisch
Maße 178 x 254 mm
Gewicht 453 g
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Mathematik / Informatik Informatik Theorie / Studium
Recht / Steuern Privatrecht / Bürgerliches Recht IT-Recht
ISBN-10 1-032-01005-3 / 1032010053
ISBN-13 978-1-032-01005-2 / 9781032010052
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
34,99
Management der Informationssicherheit und Vorbereitung auf die …

von Michael Brenner; Nils gentschen Felde; Wolfgang Hommel

Buch (2024)
Carl Hanser (Verlag)
69,99