Software Supply Chain Security: Securing the End-To-End Supply Chain for Software, Firmware, and Hardware (Paperback)
暫譯: 軟體供應鏈安全:保護軟體、韌體與硬體的端到端供應鏈
Crossley, Cassie
買這商品的人也買了...
-
基於 CUDA 的 GPU 並行程序開發指南 (GPU Parallel Program Development Using CUDA)$1,074$1,020 -
中台架構與實現:基於 DDD 和微服務$534$507 -
OpenMP 核心技術指南$474$450 -
$454高效能團隊模式:支持軟件快速交付的組織架構 (Team Topologies: Organizing Business and Technology Teams for Fast Flow) -
測試架構師修煉之道:從測試工程師到測試架構師, 2/e$654$621 -
多處理器編程的藝術, 2/e (The Art of Multiprocessor Programming, 2/e)$894$849 -
並行計算與高性能計算$834$792 -
高並發系統實戰派:集群、Redis 緩存、海量存儲、Elasticsearch、RocketMQ、微服務、持續集成等$654$621 -
系統分析與設計, 9/e$1,014$963 -
Building an Event-Driven Data Mesh: Patterns for Designing & Building Event-Driven Architectures (Paperback)$2,185$2,070 -
計算機底層的秘密$708$673 -
C++20 代碼整潔之道:可持續軟件開發模式實踐 (原書第2版) (Clean C++20: Sustainable Software Development Patterns and Best Practices, 2/e)$774$735 -
$509數以達理:量化研發管理指南 -
現代 C++ 軟件架構:方法與實踐$834$792 -
Automating Data Quality Monitoring: Scaling Beyond Rules with Machine Learning (Paperback)$2,261$2,142 -
$2,446Deciphering Data Architectures: Choosing Between a Modern Data Warehouse, Data Fabric, Data Lakehouse, and Data Mesh (Paperback) -
The Engineering Executive's Primer: Impactful Technical Leadership (Paperback)$1,425$1,350 -
$301基於近鄰思想和同步模型的聚類算法 -
Defensive Security Handbook: Best Practices for Securing Infrastructure (Paperback)$2,242$2,124 -
$621C++ 之美:代碼簡潔、安全又跑得快的 30個要訣 (Beautiful C++: 30 Core Guidelines for Writing Clean, Safe, and Fast Code)
商品描述
Trillions of lines of code help us in our lives, companies, and organizations. But just a single software cybersecurity vulnerability can stop entire companies from doing business and cause billions of dollars in revenue loss and business recovery. Securing the creation and deployment of software, also known as software supply chain security, goes well beyond the software development process.
This practical book gives you a comprehensive look at security risks and identifies the practical controls you need to incorporate into your end-to-end software supply chain. Author Cassie Crossley demonstrates how and why everyone involved in the supply chain needs to participate if your organization is to improve the security posture of its software, firmware, and hardware.
With this book, you'll learn how to:
- Pinpoint the cybersecurity risks in each part of your organization's software supply chain
- Find the cybersecurity frameworks and resources that can improve security
- Identify the roles that participate in the supply chain--including IT, development, operations, manufacturing, and procurement
- Design initiatives and controls for each part of the supply chain using existing frameworks and references
- Evaluate third-party risk in your supply chain
商品描述(中文翻譯)
數兆行的程式碼在我們的生活、公司和組織中發揮著重要作用。然而,僅僅一個軟體的網路安全漏洞就可能使整個公司無法運營,並造成數十億美元的收入損失和業務恢復困難。確保軟體的創建和部署安全,也就是所謂的軟體供應鏈安全,遠遠超出了軟體開發過程。
這本實用的書籍為您提供了對安全風險的全面了解,並確定了您需要納入端到端軟體供應鏈的實用控制措施。作者 Cassie Crossley 展示了如果您的組織希望改善其軟體、韌體和硬體的安全狀態,供應鏈中每個參與者都需要參與的原因和方式。
通過這本書,您將學會如何:
- 確定您組織的軟體供應鏈中每個部分的網路安全風險
- 找到可以改善安全性的網路安全框架和資源
- 確定參與供應鏈的角色,包括 IT、開發、運營、製造和採購
- 使用現有框架和參考資料為供應鏈的每個部分設計倡議和控制措施
- 評估您供應鏈中的第三方風險
