Securing Systems: Applied Security Architecture and Threat Models

Schoenfield, Brook S. E.

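  • Publisher: CRC
  • Publication date: 2021-06-30
  • Price: $2,430
  • VIP price: $2,309 (95% of the list price)
  • Language: English
  • Pages: 440
  • Binding: Quality Paper - also called trade paper
  • ISBN: 1032027401
  • ISBN-13: 9781032027401
  • Related category: Information security
  • Overseas special-order book (must be checked out separately)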

Product description

Internet attack on computer systems is pervasive. It can take from less than a minute to as much as eight hours for an unprotected machine connected to the Internet to be completely compromised. It is the information security architect's job to prevent attacks by securing computer systems. This book describes both the process and the practice of assessing a computer system's existing information security posture. Detailing the time-tested practices of experienced security architects, it explains how to deliver the right security at the right time in the implementation lifecycle.

Securing Systems: Applied Security Architecture and Threat Models covers all types of systems, from the simplest applications to complex, enterprise-grade, hybrid cloud architectures. It describes the many factors and prerequisite information that can influence an assessment. The book covers the following key aspects of security analysis:

  • When should the security architect begin the analysis?
  • At what points can a security architect add the most value?
  • What are the activities the architect must execute?
  • How are these activities delivered?
  • What is the set of knowledge domains applied to the analysis?
  • What are the outputs?
  • What are the tips and tricks that make security architecture risk assessment easier?

To help you build skill in assessing architectures for security, the book presents six sample assessments. Each assessment examines a different type of system architecture and introduces at least one new pattern for security analysis. The goal is that after you've seen a sufficient diversity of architectures, you'll be able to understand varied architectures and can better see the attack surfaces and prescribe security solutions.

About the author

Brook S.E. Schoenfield is Director of Product Security Architecture at Intel Security Group. He is the senior technical leader for software security across the division's broad product portfolio. He has held leadership security architecture positions at high-tech companies for many years. Brook has presented at conferences such as RSA, BSIMM, and SANS What Works Summits on subjects within security architecture, including architecture risk assessment and threat models, information security risk, SaaS/Cloud security, and Agile security. He has been published by CRC Press, SANS, Cisco, and the IEEE.
