The Security Development Lifecycle: SDL - A Process For Developing Demonstrably More Secure Software
Introducing the book "The Security Development Lifecycle: SDL - A Process For Developing Demonstrably More Secure Software" by Howard, Michael; Lipner, Steve, published by O'Reilly Media in 2009. The book is provided in pdf format, in English. "The Security Development Lifecycle: SDL - A Process For Developing Demonstrably More Secure Software" is listed in the category Uncategorized.
Your customers demand and deserve better security and privacy in their software. This book is the first to detail a rigorous, proven methodology that measurably minimizes security bugs—the Security Development Lifecycle (SDL). In this long-awaited book, security experts Michael Howard and Steve Lipner from the Microsoft Security Engineering Team guide you through each stage of the SDL—from education and design to testing and post-release. You get their first-hand insights, best practices, a practical history of the SDL, and lessons to help you implement the SDL in any development organization.
A Note Regarding the CD or DVD
The print version of this book ships with a CD or DVD. For those customers purchasing one of the digital formats in which this book is available, we are pleased to offer the CD/DVD content as a free download via O'Reilly Media's Digital Distribution services. To download this content, please visit O'Reilly's web site, search for the title of this book to find its catalog page, and click on the link below the cover image (Examples, Companion Content, or Practice Files). Note that while we provide as much of the media content as we are able via free download, we are sometimes limited by licensing restrictions. Please direct any questions or concerns to booktech@oreilly.com.
Discover how to:
Use a streamlined risk-analysis process to find security design issues before code is committed
Apply secure-coding best practices and a proven testing process
Conduct a final security review before a product ships
Arm customers with prescriptive guidance to configure and deploy your product more securely
Establish a plan to respond to new security vulnerabilities
Integrate security discipline into agile methods and processes, such as Extreme Programming and Scrum
Includes a CD featuring:
A six-part security class video conducted by the authors and other Microsoft security experts
Sample SDL documents and fuzz testing tool
PLUS—Get book updates on the Web.
Table of contents: The Security Development Lifecycle: SDL: A Process for Developing Demonstrably More Secure Software; Introduction; Organization of This Book; Part II, "The Security Development Lifecycle Process"; Part III, "SDL Reference Material"; The Future Evolution of the SDL; What's on the Companion Disc?; System Requirements; Acknowledgments; References; I. The Need for the SDL; Another Factor That Influences Security: Reliability; It's Really About Quality; Why Major Software Vendors Should Create More Secure Software; Why In-House Software Developers Should Create More Secure Software; Why Small Software Developers Should Create More Secure Software; Summary; References; 2. Current Software Development Methods Fail to Produce Secure Software; Understanding Security Bugs; Critical Mass; "Many Eyeballs" Misses the Point Altogether; Proprietary Software Development Methods; Agile Development Methods; Common Criteria; Summary; References; 3. A Short History of the SDL at Microsoft; New Threats, New Responses; Windows 2000 an.