Rating:
Author:
ISBN : B008ID3W8I
New from $19.80
Format: PDF
Direct download links available Free Secure and Resilient Software Development [Print Replica] [Kindle Edition] for everyone book mediafire, rapishare, and mirror link Although many software books highlight open problems in secure software development, few provide easily actionable, ground-level solutions. Breaking the mold, Secure and Resilient Software Development teaches you how to apply best practices and standards for consistent and secure software development. It details specific quality software development strategies and practices that stress resilience requirements with precise, actionable, and ground-level inputs. Providing comprehensive coverage, the book illustrates all phases of the secure software development life cycle. It shows developers how to master non-functional requirements including reliability, security, and resilience. The authors provide expert-level guidance through all phases of the process and supply many best practices, principles, testing practices, and design methodologies. For updates to this book and ongoing activities of interest to the secure and resilient software community, please visit: www.srsdlc.com " Secure and Resilient Software Development provides a strong foundation for anyone getting started in application security. Most application security books fall into two categories: business-oriented and vague or ridiculously super technical. Mark and Laksh draw on their extensive experience to bridge this gap effectively. The book consistently links important technical concepts back to the business reasons for application security with interesting stories about real companies dealing with application security issues ." —Jeff Williams, Chair, The OWASP FoundationBooks with free ebook downloads available Free Secure and Resilient Software Development
- File Size: 5949 KB
- Print Length: 392 pages
- Publisher: Auerbach Publication; 1 edition (May 14, 2012)
- Sold by: Amazon Digital Services, Inc.
- Language: English
- ASIN: B008ID3W8I
- Text-to-Speech: Not enabled
X-Ray for Textbooks:
- Lending: Not Enabled
- Amazon Best Sellers Rank: #991,083 Paid in Kindle Store (See Top 100 Paid in Kindle Store)
Free Secure and Resilient Software Development
"Secure and Resilient Software Development" by Mark Merkow and Laksh Raghavan is a really good book. It addresses a key security area that is generally given short shrift, even though purportedly more than 70 percent of breaches result from attacks on the application layer. The book is one of only a handful of texts about information security written by practitioners for practitioners. Even fewer practitioner books address software security ... and most of those have been written or co-authored by Mark Merkow! The majority of publications in the field of software security are written by academics or vendors' employees, both of whom have their own agenda. The former group is dominated by publishing or perishing; whereas the latter generally promote particular products or methodologies supplied by their employers. The true value of Mark and Laksh's book is that it is both impartial and extremely informative.
The book is comprehensive. It covers areas with which most infosec professionals and software developers are not likely to be familiar. For example, the authors recount the history of application security testing as far back as the Orange Book and Common Criteria (CC). Incidentally, Mark co-authored an excellent book on the CC, namely "Computer Security Assurance Using the Common Criteria" (Thomson, 2005). In the current book, issues with the CC approach are raised ... and by someone who should know!
Among the many useful chapters, I personally derived the most from Chapters 8 and 9, which are about testing custom applications and commercial-off-the-shelf software respectively. I also was interested in reading Chapter 11 on metrics and maturity models.
-
Download Link 2