Security-Driven Software Development: Learn to analyze and mitigate risks in your software projects
$37.11
Price: $37.11
(as of Oct 18, 2024 17:02:56 UTC – Details)
Trace security requirements through each development phase, mitigating multiple-layer attacks with practical examples, and emerge equipped with the skills to build resilient applications
Key FeaturesExplore the practical application of secure software development methodologiesModel security vulnerabilities throughout the software development lifecycle (SDLC)Develop the skills to trace requirements, from requirements gathering through to implementationPurchase of the print or Kindle book includes a free PDF eBookBook Description
Extend your software development skills to integrate security into every aspect of your projects. Perfect for any programmer or developer working on mission-critical applications, this hands-on guide helps you adopt secure software development practices. Explore core concepts like security specifi cation, modeling, and threat mitigation with the iterative approach of this book that allows you to trace security requirements through each phase of software development. You won’t stop at the basics; you’ll delve into multiple-layer att acks and develop the mindset to prevent them. Through an example application project involving an entertainment ticketing software system, you’ll look at high-profi le security incidents that have aff ected popular music stars and performers. Drawing from the author’s decades of experience building secure applications in this domain, this book off ers comprehensive techniques where problem-solving meets practicality for secure development.
By the end of this book, you’ll have gained the expertise to systematically secure software projects, from crafting robust security specifi cations to adeptly mitigating multifaceted threats, ensuring your applications stand resilient in the face of evolving cybersecurity challenges.
What you will learnFind out non-functional requirements crucial for software security, performance, and reliabilityDevelop the skills to identify and model vulnerabilities in software design and analysisAnalyze and model various threat vectors that pose risks to software applicationsAcquire strategies to mitigate security threats specific to web applicationsAddress threats to the database layer of an applicationTrace non-functional requirements through secure software designWho this book is for
Many software development jobs require developing, maintaining, enhancing, administering, and defending software applications, websites, and scripts. This book is designed for software developers and web developers seeking to excel in these roles, offering concise explanations and applied example use-cases.
Table of ContentsSecurity PrinciplesDesigning a Secure Functional ModelDesigning a Secure Object ModelDesigning a Secure Dynamic ModelDesigning a Secure System ModelThreat ModelingAuthentication and AuthorizationInput Validation and SanitizationStandard Web Application VulnerabilitiesDatabase SecurityUnit TestingRegression TestingIntegration, System, and Acceptance TestingSoftware Penetration Testing
Publisher : Packt Publishing – ebooks Account (March 15, 2024)
Language : English
Paperback : 262 pages
ISBN-10 : 1835462839
ISBN-13 : 978-1835462836
Item Weight : 1.76 ounces
Dimensions : 0.49 x 7.5 x 9.25 inches
6 reviews for Security-Driven Software Development: Learn to analyze and mitigate risks in your software projects
Add a review
You must be logged in to post a review.
Related Products
![TurboTax Deluxe 2023 Tax Software, Federal & State Tax Return [Amazon Exclusive] [PC/Mac Download]](https://i0.wp.com/m.media-amazon.com/images/I/719rCYQpjdL._AC_SL1500_.jpg?w=300&resize=300,300&ssl=1)
$37.11
Paul Marinos –
This is an Excellent Compilation of Knowledge
This book is excellent reading and an extremely helpful reference guide for any beginner or advanced computer science (or computer science-like) student, software (or security, or technology-related) professional, or serious project hobbyists / enthusiasts. The formatting style is very organized and modern, making it very readable and quick to navigate to any of its essential sub topics, which range from Design Principles, to Web Application Vulnerabilities, to Database Security, to Threat Modeling, and much more, which ultimately leads to a very comprehensive security overview, and also includes detailed, practical, leading industry standards, from design paradigms to the specific software tools that are most popularly used in today’s day and age. The author of this book, Aspen Olmsted, is both a seasoned veteran of the software development industry, and also a professor, educator, and mentor at top universities. The knowledge and wisdom regarding proper, security conscious software development that he gained through many years of both diverse hands-on industry and education experience, is organized and shared here as a guide that I’ll likely reference many times over while working through my projects and gradually improving in the art of professional software development. It will likely save me and my future coworkers many headaches, lead to much cleaner, more professionally designed projects, and help us save time while mitigating potential design-flaw mistakes. This one book alone organizes knowledge from several semesters worth of graduate level security-driven classes into one convenient reference source, which makes its value immense. In this way it pays for itself many times over. If you’re involved in this industry, pick up this guide written, reviewed, and compiled by folks who clearly know what they’re doing.
Alzi –
Must Have for Software Developers
I am so glad that I acquired this book. I have a BS in CS and an MS in Cybersecurity, and I am currently building a website for commercial use. This book is invaluable in guiding and “reminding” me what to watch out for as I build my site. You can build the best program but if it doesn’t adhere to basic security practices, then it’s going to be a flop. I love this book, it will be my go-to book on developing secure software. I always wanted a book like this, it’s easy to read and thorough.
ClickHead –
Invaluable resource for understanding the process around fortifying software projects
This is a gem in the realm of software development literature. Approachable for the beginner and an invaluable resource for the seasoned developer. What sets this book apart is its meticulous attention to detail and focus on practical applications.The case studies, especially the one involving an entertainment ticketing software system, offer real-world context that makes grasping complex security concepts a breeze. Moreover, Olmsted’s ability to draw from his extensive experience in building secure applications in the performing arts domain adds a layer of authenticity to the book.I really liked that I could trace security requirements from inception to implementation, allowing me to relate them to my own work. For the more seasoned developer, the chapters are great reference points for reminding you of a concept to look up further. It is as if you have a quick guide handy!
Mohammed Salah Djaballah –
Essential Resource for Secure Software Development
“Security-Driven Software Development” is a vital resource for developers. It offers practical examples, clear insights, and actionable steps to seamlessly integrate security throughout the development lifecycle. From foundational principles to advanced threat modeling, this book covers it all. With its accessible approach and emphasis on practical methodologies, it’s a must-have for developers at all levels. Highly recommended for building resilient and secure applications.
Alliance Software –
Secure Methodology
We have utilized this methodology for years to build many secure applications. It is great to read it in print!
Jorge Deflon –
An excellent guide to creating secure applications.
Security-oriented software development is crucial in our current society. We depend on software for many activities, so it is essential that it is secure and protects the integrity, confidentiality and privacy of information. This book addresses key aspects of security throughout the software development lifecycle, from requirements to deployment.