English | Vietnamese
 

banner

[Rule] Rules  [Home] Main Forum  [Portal] Portal  
[Members] Member Listing  [Statistics] Statistics  [Search] Search  [Reading Room] Reading Room 
[Register] Register   [Login] Loginhttp  | https  ]
 
Forum Index Thông tin về các địa chỉ và tài liệu hữu ích Software Security Engineering: A Guide for Project Managers  XML
  [Question]   Software Security Engineering: A Guide for Project Managers 21/05/2008 01:34:41 (+0700) | #1 | 131646
thư viện sách
Member
[Minus]    0    [Plus]
Joined: 10/02/2008 14:46:51
Messages: 317
Location: Người trong giang hồ
Offline
[Profile] [PM]
Software Security Engineering: A Guide for Project Managers, (The SEI Series in Software Engineering) (Paperback )




“This book’s broad overview can help an organization choose a set of
processes, policies, and techniques that are appropriate for its
security maturity, risk tolerance, and development style. This book will
help you understand how to incorporate practical security techniques
into all phases of the development lifecycle.”

–Steve Riley, senior security strategist, Microsoft Corporation

“There are books written on some of the topics addressed in this book,
and there are other books on secure systems engineering. Few address the
entire life cycle with a comprehensive overview and discussion of
emerging trends and topics as well as this one.”
–Ronda Henning, senior scientist-software/security queen, Harris
Corporation

Software that is developed from the beginning with security in mind will
resist, tolerate, and recover from attacks more effectively than would
otherwise be possible. While there may be no silver bullet for security,
there are practices that project managers will find beneficial. With
this management guide, you can select from a number of sound practices
likely to increase the security and dependability of your software, both
during its development and subsequently in its operation.

Software Security Engineering draws extensively on the systematic
approach developed for the Build Security In (BSI) Web site. Sponsored
by the Department of Homeland Security Software Assurance Program, the
BSI site offers a host of tools, guidelines, rules, principles, and
other resources to help project managers address security issues in
every phase of the software development life cycle (SDLC). The book’s
expert authors, themselves frequent contributors to the BSI site,
represent two well-known resources in the security world: the CERT
Program at the Software Engineering Institute (SEI) and Cigital, Inc., a
consulting firm specializing in software security.

This book will help you understand why
- Software security is about more than just eliminating
vulnerabilities and conducting penetration tests
- Network security mechanisms and IT infrastructure security services
do not sufficiently protect application software from security risks
- Software security initiatives should follow a risk-management
approach to identify priorities and to define what is “good
enough”–understanding that software security risks will change
throughout the SDLC
- Project managers and software engineers need to learn to think like
an attacker in order to address the range of functions that software
should not do, and how software can better resist, tolerate, and recover
when under attack

URL:
Code:
http://www.amazon.com/exec/obidos/tg/detail/-/032150917X/


Download:
Code:
http://rapidshare.com/files/114363881/Addison.Wesley.Software.Security.Engineering.May.2008.chm
[Up] [Print Copy]
[digg] [delicious] [google] [yahoo] [technorati] [reddit] [stumbleupon]
Go to: 
 Users currently in here 
1 Anonymous

Powered by JForum - Extended by HVAOnline
 hvaonline.net  |  hvaforum.net  |  hvazone.net  |  hvanews.net  |  vnhacker.org
1999 - 2013 © v2012|0504|218|