Cyber Security Engineering: A Practical Approach for Systems and Software Assurance (SEI Series in Software Engineering)
暫譯: 網路安全工程:系統與軟體保證的實務方法(軟體工程SEI系列)
Nancy R. Mead, Carol Woody
- 出版商: Addison Wesley
- 出版日期: 2016-11-10
- 售價: $1,710
- 貴賓價: 9.5 折 $1,625
- 語言: 英文
- 頁數: 384
- 裝訂: Paperback
- ISBN: 0134189809
- ISBN-13: 9780134189802
-
相關分類:
資訊安全、軟體工程
已絕版
買這商品的人也買了...
-
$2,280Working Effectively with Legacy Code (Paperback) -
Spring in Action, 4/e (Paperback)$1,900$1,805 -
Arduino 官方正版 Genuino 101$1,700$1,700 -
Raspberry Pi 3 Model B+ (UK製)$4,620$4,389 -
JVM Performance Engineering: Inside OpenJDK and the HotSpot Java Virtual Machine (Paperback)$1,980$1,881 -
$1,330Behavior-Driven Development with Cucumber: Better Collaboration for Better Software -
晉昇軟體最高殿堂:Jenkins2 持續整合大師之路$600$474 -
Deep Learning with JavaScript: Neural Networks in Tensorflow.Js$1,650$1,568 -
JavaScript 技術手冊$560$442 -
管理技術債 (Managing Technical Debt)$520$411 -
Building a Future-Proof Cloud Infrastructure: A Unified Architecture for Network, Security and Storage Services (Paperback)$1,998$1,898 -
Microservices Security in Action$1,980$1,881 -
Java SE 14 技術手冊$680$537 -
Parallel and High Performance Computing (Paperback)$2,450$2,328 -
$1,840Multithreaded JavaScript: Concurrency Beyond the Event Loop -
$2,475Software Architecture: The Hard Parts: Modern Trade-Off Analyses for Distributed Architectures (Paperback) -
Structure and Interpretation of Computer Programs: JavaScript Edition (Paperback)$2,680$2,626 -
$1,824Mastering API Architecture: Design, Operate, and Evolve Api-Based Systems (Paperback) -
OAuth 2.0 從入門到實戰:利用驗證和授權守護 API 的安全$600$510 -
$2,233Functional and Concurrent Programming: Core Concepts and Features -
$1,805Functional Design: Principles, Patterns, and Practices (Paperback) -
OpenTelemetry 入門指南:建立全面可觀測性架構(iThome鐵人賽系列書)【軟精裝】$750$585 -
$2,043Learning Systems Thinking: Essential Nonlinear Skills and Practices for Software Professionals (Paperback) -
Collaborative Software Design: How to Facilitate Domain Modeling Decisions$1,980$1,881 -
$2,119Mastering Opentelemetry and Observability: Enhancing Application and Infrastructure Performance and Avoiding Outages
商品描述
Cyber Security Engineering is the definitive modern reference and tutorial on the full range of capabilities associated with modern cyber security engineering. Pioneering software assurance experts Dr. Nancy R. Mead and Dr. Carol C. Woody bring together comprehensive best practices for building software systems that exhibit superior operational security, and for considering security throughout your full system development and acquisition lifecycles.
Drawing on their pioneering work at the Software Engineering Institute (SEI) and Carnegie Mellon University, Mead and Woody introduce seven core principles of software assurance, and show how to apply them coherently and systematically. Using these principles, they help you prioritize the wide range of possible security actions available to you, and justify the required investments.
Cyber Security Engineering guides you through risk analysis, planning to manage secure software development, building organizational models, identifying required and missing competencies, and defining and structuring metrics. Mead and Woody address important topics, including the use of standards, engineering security requirements for acquiring COTS software, applying DevOps, analyzing malware to anticipate future vulnerabilities, and planning ongoing improvements.
This book will be valuable to wide audiences of practitioners and managers with responsibility for systems, software, or quality engineering, reliability, security, acquisition, or operations. Whatever your role, it can help you reduce operational problems, eliminate excessive patching, and deliver software that is more resilient and secure.
商品描述(中文翻譯)
網路安全工程是現代網路安全工程全方位能力的權威參考與教程。開創性的軟體保證專家Dr. Nancy R. Mead和Dr. Carol C. Woody匯集了建立具有卓越操作安全性的軟體系統的全面最佳實踐,並在整個系統開發和採購生命週期中考慮安全性。
基於他們在軟體工程研究所(SEI)和卡內基梅隆大學的開創性工作,Mead和Woody介紹了七個核心的軟體保證原則,並展示如何一致且系統性地應用這些原則。利用這些原則,他們幫助您優先考慮可用的各種安全行動,並為所需的投資提供合理的依據。
網路安全工程指導您進行風險分析、規劃以管理安全的軟體開發、建立組織模型、識別所需和缺失的能力,以及定義和結構化指標。Mead和Woody討論了重要主題,包括標準的使用、為獲取商用現成軟體(COTS)工程安全需求、應用DevOps、分析惡意軟體以預測未來的漏洞,以及規劃持續改進。
本書對於負責系統、軟體或質量工程、可靠性、安全性、採購或運營的廣泛從業者和管理者將具有重要價值。無論您的角色是什麼,它都能幫助您減少操作問題、消除過度修補,並交付更具韌性和安全性的軟體。
