Secure, Resilient, and Agile Software Development
暫譯: 安全、韌性與敏捷軟體開發

Merkow, Mark

Secure, Resilient, and Agile Software Development
  • 出版商: Auerbach Publication
  • 出版日期: 2019-12-09
  • 售價: $2,980
  • 貴賓價: 9.5$2,831
  • 語言: 英文
  • 頁數: 216
  • 裝訂: Hardcover - also called cloth, retail trade, or trade
  • ISBN: 0367332590
  • ISBN-13: 9780367332594
  • 相關分類: Agile Software

    • 立即出貨 (庫存 < 3)

相關主題

商品描述

A collection of best practices and effective implementation recommendations that are proven to work, Secure, Resilient, and Agile Software Development leaves the boring details of software security theory out of the discussion as much as possible to concentrate on practical applied software security for practical people. Written to aid your career as well as your organization, the book shows how to gain skills in secure and resilient software development and related tasks. The book explains how to integrate these development skills into your daily duties, thereby increasing your professional value to your company, your management, your community, and your industry. Secure, Resilient, and Agile Software Development was written for the following professionals:

 

  • AppSec architects and program managers in information security organizations
  • Enterprise architecture teams with application development focus
  • Scrum teams
  • DevOps teams
  • Product owners and their managers
  • Project managers
  • Application security auditors

With a detailed look at Agile and Scrum software development methodologies, this book explains how security controls need to change in light of an entirely new paradigm on how software is developed. It focuses on ways to educate everyone who has a hand in any software development project with appropriate and practical skills to Build Security In. After covering foundational and fundamental principles for secure application design, this book dives into concepts, techniques, and design goals to meet well-understood acceptance criteria on features an application must implement. It also explains how the design sprint is adapted for proper consideration of security as well as defensive programming techniques. The book concludes with a look at white box application analysis and sprint-based activities to improve the security and quality of software under development.

商品描述(中文翻譯)

一系列最佳實踐和有效的實施建議,經證實有效的《安全、韌性與敏捷軟體開發》盡可能地將軟體安全理論的無聊細節排除在討論之外,專注於實用的應用軟體安全,為實務工作者提供指導。本書旨在幫助您的職業生涯以及您的組織,展示如何在安全和韌性軟體開發及相關任務中獲得技能。本書解釋了如何將這些開發技能整合到您的日常工作中,從而提高您對公司、管理層、社區和行業的專業價值。《安全、韌性與敏捷軟體開發》是為以下專業人士撰寫的:

- 資訊安全組織中的應用安全架構師和計畫經理
- 專注於應用開發的企業架構團隊
- Scrum 團隊
- DevOps 團隊
- 產品負責人及其經理
- 專案經理
- 應用安全審計員

本書詳細探討了敏捷和 Scrum 軟體開發方法論,解釋了在全新軟體開發範式下,安全控制需要如何改變。它專注於教育所有參與任何軟體開發專案的人,提供適當且實用的技能以內建安全。在涵蓋安全應用設計的基礎和基本原則後,本書深入探討了概念、技術和設計目標,以滿足應用必須實現的明確接受標準。它還解釋了設計衝刺如何調整以適當考慮安全性以及防禦性程式設計技術。本書最後探討了白盒應用分析和基於衝刺的活動,以改善正在開發中的軟體的安全性和質量。

作者簡介

Mark S. Merkow, CISSP, CISM, CSSLP, works at WageWorks in Tempe, Arizona, leading application security architecture and engineering efforts in the office of the CISO. Mark has over 40 years of experience in IT in a variety of roles, including application development, systems analysis and design, security engineering, and security management. Mark holds a Master of Science in Decision and Information Systems from Arizona State University (ASU), a Master of Education in Distance Education from ASU, and a Bachelor of Science in Computer Information Systems from ASU. In addition to his day job, Mark engages in a number of extracurricular activities, including consulting, course development, online course instruction, and book writing. Mark has authored or co-authored 17 books on IT and has been a contributing editor to four others. Mark remains very active in the information security community, working in a variety of volunteer roles for the Phoenix Chapter of (ISC)2(R), ISACA(R), and OWASP. You can find Mark's LinkedIn(R) profile at: linkedin.com/in/markmerkow

作者簡介(中文翻譯)

Mark S. Merkow, CISSP, CISM, CSSLP,目前在亞利桑那州坦佩的WageWorks工作,負責CISO辦公室的應用安全架構和工程工作。Mark擁有超過40年的IT經驗,涵蓋多種角色,包括應用開發、系統分析與設計、安全工程和安全管理。Mark擁有亞利桑那州立大學(ASU)決策與資訊系統碩士學位、亞利桑那州立大學的遠程教育碩士學位,以及亞利桑那州立大學的計算機資訊系統學士學位。除了日常工作外,Mark還參與多項課外活動,包括顧問工作、課程開發、線上課程教學和書籍撰寫。Mark已撰寫或共同撰寫17本IT相關書籍,並擔任另外四本書的貢獻編輯。Mark在資訊安全社群中非常活躍,擔任(ISC)2(R)、ISACA(R)和OWASP的菲尼克斯分會的多個志願者角色。您可以在以下網址找到Mark的LinkedIn(R)個人資料:linkedin.com/in/markmerkow

類似商品