Warehouse Stock Clearance Sale

Grab a bargain today!

  2. Home

Sign Up for Fishpond's Best Deals Delivered to You Every Day
Go
Secure, Resilient, and ­Agile Software Development
By Merkow, Mark
Rating
Format
Hardback, 238 pages
Other Formats Available

Paperback : £34.90

Published
United Kingdom, 3 December 2019

A collection of best practices and effective implementation recommendations that are proven to work, Secure, Resilient, and Agile Software Development leaves the boring details of software security theory out of the discussion as much as possible to concentrate on practical applied software security for practical people. Written to aid your career as well as your organization, the book shows how to gain skills in secure and resilient software development and related tasks. The book explains how to integrate these development skills into your daily duties, thereby increasing your professional value to your company, your management, your community, and your industry. Secure, Resilient, and Agile Software Development was written for the following professionals:

  • AppSec architects and program managers in information security organizations
  • Enterprise architecture teams with application development focus
  • Scrum teams
  • DevOps teams
  • Product owners and their managers
  • Project managers
  • Application security auditors

With a detailed look at Agile and Scrum software development methodologies, this book explains how security controls need to change in light of an entirely new paradigm on how software is developed. It focuses on ways to educate everyone who has a hand in any software development project with appropriate and practical skills to Build Security In. After covering foundational and fundamental principles for secure application design, this book dives into concepts, techniques, and design goals to meet well-understood acceptance criteria on features an application must implement. It also explains how the design sprint is adapted for proper consideration of security as well as defensive programming techniques. The book concludes with a look at white box application analysis and sprint-based activities to improve the security and quality of software under development.

Show more

Our Price
£59.95
Elsewhere
£71.99
Save £12.04 (17%)
Ships from UK Estimated delivery date: 18th Apr - 22nd Apr from UK

Buy Together
+
Buy together with Secure and Resilient Software at a great price!
Buy Together
£114.81
Elsewhere Price
£116.94
You Save £2.13 (2%)

Product Description

A collection of best practices and effective implementation recommendations that are proven to work, Secure, Resilient, and Agile Software Development leaves the boring details of software security theory out of the discussion as much as possible to concentrate on practical applied software security for practical people. Written to aid your career as well as your organization, the book shows how to gain skills in secure and resilient software development and related tasks. The book explains how to integrate these development skills into your daily duties, thereby increasing your professional value to your company, your management, your community, and your industry. Secure, Resilient, and Agile Software Development was written for the following professionals:

With a detailed look at Agile and Scrum software development methodologies, this book explains how security controls need to change in light of an entirely new paradigm on how software is developed. It focuses on ways to educate everyone who has a hand in any software development project with appropriate and practical skills to Build Security In. After covering foundational and fundamental principles for secure application design, this book dives into concepts, techniques, and design goals to meet well-understood acceptance criteria on features an application must implement. It also explains how the design sprint is adapted for proper consideration of security as well as defensive programming techniques. The book concludes with a look at white box application analysis and sprint-based activities to improve the security and quality of software under development.

Show more
Product Details
EAN
9780367332594
ISBN
0367332590
Writer
Merkow, Mark
Publisher
Taylor & Francis Ltd
Dimensions
23.9 x 15.5 x 1.8 centimeters (0.60 kg)

Table of Contents

Dedication

Contents

Preface

About the Author

Chapter 1: Today’s Software Development Practices Shatter Old Security Practices

Chapter 2: Deconstructing Agile and Scrum

Chapter 3: Learning Is FUNdamental!

Chapter 4: Product Backlog Development—Building Security In

Chapter 5: Secure Design Considerations

Chapter 6: Security in the Design Sprint

Chapter 7: Defensive Programming

Chapter 8: Testing Part 1: Static Code Analysis

Chapter 9: Testing Part 2: Penetration Testing/Dynamic Analysis/IAST/RASP

Chapter 10: Securing DevOps

Chapter 11: Metrics and Models for AppSec Maturity

Chapter 12: Frontiers for AppSec

Chapter 13: AppSec Is a Marathon—Not a Sprint!

Appendix A: Sample Acceptance Criteria for Security Controls

Appendix B: Resources for AppSec

Index

About the Author

Mark S. Merkow, CISSP, CISM, CSSLP, works at WageWorks in Tempe, Arizona, leading application security architecture and engineering efforts in the office of the CISO. Mark has over 40 years of experience in IT in a variety of roles, including application development, systems analysis and design, security engineering, and security management. Mark holds a Master of Science in Decision and Information Systems from Arizona State University (ASU), a Master of Education in Distance Education from ASU, and a Bachelor of Science in Computer Information Systems from ASU. In addition to his day job, Mark engages in a number of extracurricular activities, including consulting, course development, online course instruction, and book writing. Mark has authored or co-authored 17 books on IT and has been a contributing editor to four others. Mark remains very active in the information security community, working in a variety of volunteer roles for the Phoenix Chapter of (ISC)2®, ISACA®, and OWASP. You can find Mark’s LinkedIn® profile at: linkedin.com/in/markmerkow

Reviews

Modern software development breaks the old ways of security. This book is practical, actionable, relatable, and most importantly, current. It should be required reading for all Agile and DevOps teams.—Ed Adams, Chief Executive Officer, Security Innovation, Inc.

Modern software development breaks the old ways of security. This book is practical, actionable, relatable, and most importantly, current. It should be required reading for all Agile and DevOps teams.—Ed Adams, Chief Executive Officer, Security Innovation, Inc.Secure, Resilient, and Agile Software development is in touch with where the modern software development world is today and highlights the importance of security in a DevOps world. Mark captures the essence of how to educate developers and connect with them as Security Champions and the importance of a strong organizational security culture. Education, requirements, secure design principles, threat modeling, defensive programming, testing, code review, tools, and metrics; this book has it all. This book is a reference for those starting new programs, and for established programs that need new ideas.—Chris Romeo, CEO of Security Journey, co-host of the Application Security Podcast

Show more
Review this Product
Ask a Question About this Product More...
 
Look for similar items by category
Home » Books » Computers » Security » Networking
People also searched for
Item ships from and is sold by Fishpond World Ltd.

Back to top
We use essential and some optional cookies to provide you the best shopping experience. Visit our cookies policy page for more information.