Designing Secure Software: A Guide for Developers
Kohnfelder, Loren你有多喜欢这本书?
下载文件的质量如何?
下载该书,以评价其质量
下载文件的质量如何?
What every software professional should know about security.
Designing Secure Software consolidates Loren Kohnfelder’s more than twenty years of experience into a concise, elegant guide to improving the security of technology products. Written for a wide range of software professionals, it emphasizes building security into software design early and involving the entire team in the process.
The book begins with a discussion of core concepts like trust, threats, mitigation, secure design patterns, and cryptography. The second part, perhaps this book’s most unique and important contribution to the field, covers the process of designing and reviewing a software design with security considerations in mind. The final section details the most common coding flaws that create vulnerabilities, making copious use of code snippets written in C and Python to illustrate implementation vulnerabilities.
You’ll learn how to:
• Identify important assets, the attack surface, and the trust boundaries in a system
• Evaluate the effectiveness of various threat mitigation candidates
• Work with well-known secure coding patterns and libraries
• Understand and prevent vulnerabilities like XSS and CSRF, memory flaws, and more
• Use security testing to proactively identify vulnerabilities introduced into code
• Review a software design for security flaws effectively and without judgment
Kohnfelder’s career, spanning decades at Microsoft and Google, introduced numerous software security initiatives, including the co-creation of the STRIDE threat modeling framework used widely today. This book is a modern, pragmatic consolidation of his best practices, insights, and ideas about the future of software.
Designing Secure Software consolidates Loren Kohnfelder’s more than twenty years of experience into a concise, elegant guide to improving the security of technology products. Written for a wide range of software professionals, it emphasizes building security into software design early and involving the entire team in the process.
The book begins with a discussion of core concepts like trust, threats, mitigation, secure design patterns, and cryptography. The second part, perhaps this book’s most unique and important contribution to the field, covers the process of designing and reviewing a software design with security considerations in mind. The final section details the most common coding flaws that create vulnerabilities, making copious use of code snippets written in C and Python to illustrate implementation vulnerabilities.
You’ll learn how to:
• Identify important assets, the attack surface, and the trust boundaries in a system
• Evaluate the effectiveness of various threat mitigation candidates
• Work with well-known secure coding patterns and libraries
• Understand and prevent vulnerabilities like XSS and CSRF, memory flaws, and more
• Use security testing to proactively identify vulnerabilities introduced into code
• Review a software design for security flaws effectively and without judgment
Kohnfelder’s career, spanning decades at Microsoft and Google, introduced numerous software security initiatives, including the co-creation of the STRIDE threat modeling framework used widely today. This book is a modern, pragmatic consolidation of his best practices, insights, and ideas about the future of software.
种类:
年:
2021
出版社:
No Starch Press
语言:
english
页:
332
ISBN 10:
1718501935
ISBN 13:
9781718501935
文件:
PDF, 9.20 MB
您的标签:
IPFS:
CID , CID Blake2b
english, 2021
在1-5分钟内,文件将被发送到您的电子邮件。
该文件将通过电报信使发送给您。 您最多可能需要 1-5 分钟才能收到它。
注意:确保您已将您的帐户链接到 Z-Library Telegram 机器人。
该文件将发送到您的 Kindle 帐户。 您最多可能需要 1-5 分钟才能收到它。
请注意:您需要验证要发送到Kindle的每本书。检查您的邮箱中是否有来自亚马逊Kindle的验证电子邮件。
正在转换
转换为 失败